urlscan.io logo urlscan.io
SecurityTrails logo

lihkg.com Open in urlscan Pro
2606:4700::6811:d5c1  Public Scan

Go To Rescan Add Verdict Report
URL: https://lihkg.com/thread/3470022/page/3?ref=web&post=6
Submission: On August 15 via api from HK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 62 IPs in 10 countries across 55 domains to perform 348 HTTP transactions. The main IP is 2606:4700::6811:d5c1, located in United States and belongs to CLOUDFLARENET, US. The main domain is lihkg.com. The Cisco Umbrella rank of the primary domain is 104559.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2023. Valid for: a year.
This is the only time lihkg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
36 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 37 2606:4700::68... 13335 (CLOUDFLAR...)
3 15 2a00:1450:400... 15169 (GOOGLE)
4 77.245.57.72 36057 (WEBAIR-IN...)
8 63.32.81.34 16509 (AMAZON-02)
8 162.210.196.208 30633 (LEASEWEB-...)
4 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
24 2a00:1450:400... 15169 (GOOGLE)
1 178.250.1.11 44788 (ASN-CRITE...)
8 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1288:80:... 203220 (YAHOO-DEB)
5 87.248.100.137 34010 (YAHOO-IRD)
5 2a00:1288:110... 34010 (YAHOO-IRD)
3 35.186.215.140 15169 (GOOGLE)
25 151.101.65.44 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
7 2607:f8b0:402... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 74.125.71.156 15169 (GOOGLE)
2 2 3.127.92.109 16509 (AMAZON-02)
4 20 172.217.23.98 15169 (GOOGLE)
1 1 185.29.134.248 30419 (MEDIAMATH...)
2 5 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 151.101.130.49 54113 (FASTLY)
1 1 3.120.29.172 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
4 18.195.75.15 16509 (AMAZON-02)
2 4 52.208.107.103 16509 (AMAZON-02)
36 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 37.157.6.254 198622 (ADFORM)
1 35.186.253.211 15169 (GOOGLE)
5 5 46.228.174.117 56396 (AMOBEE)
1 185.86.138.154 201081 (SMARTADSE...)
1 2 51.89.9.251 16276 (OVH)
3 3 185.89.210.101 29990 (ASN-APPNEX)
2 4 2001:678:cb4:... 56396 (AMOBEE)
1 2620:116:800d... 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2600:9000:25e... 16509 (AMAZON-02)
1 2 104.75.89.75 16625 (AKAMAI-AS)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 104.18.25.185 13335 (CLOUDFLAR...)
3 2600:1901:0:7... 15169 (GOOGLE)
2 2600:1f18:1ac... 14618 (AMAZON-AES)
2 142.250.186.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 52.209.126.138 16509 (AMAZON-02)
1 2600:9000:230... 16509 (AMAZON-02)
1 216.58.206.34 15169 (GOOGLE)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
4 4 142.250.181.230 15169 (GOOGLE)
4 4 84.200.5.215 44066 (DE-FIRSTC...)
2 167.233.13.224 24940 (HETZNER-AS)
3 92.123.148.9 16625 (AKAMAI-AS)
1 1 2a02:cb40:200... 20546 (SOPRADO-ANY)
1 3.124.181.128 16509 (AMAZON-02)
4 52.56.87.167 16509 (AMAZON-02)
2 18.66.147.41 16509 (AMAZON-02)
1 13.227.219.62 16509 (AMAZON-02)
4 13.43.74.95 16509 (AMAZON-02)
6 141.226.228.48 200478 (TABOOLA-AS)
348 62
11    2606:4700::6811:d5c1 (United States)

ASN13335 (CLOUDFLARENET, US)
lihkg.com
cdn.lihkg.com
adv.lihkg.com
pb.lihkg.com
5    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
36    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
37    2606:4700::6811:d6c1 (United States)

ASN13335 (CLOUDFLARENET, US)
lihkg.com
cdn.lihkg.com
adv.lihkg.com
pb.lihkg.com
15    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
cpm.bidmyqps.xyz
8    63.32.81.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-81-34.eu-west-1.compute.amazonaws.com
prebid.ad.smaato.net
8    162.210.196.208 (Ashburn, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
sync.aralego.com
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
24    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
8    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
5    87.248.100.137 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o2.ycpi.vip.ir2.yahoo.com
ads.yap.yahoo.com
5    2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
geo.yahoo.com
3    35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com
ad.sitemaji.com
25    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
7    2607:f8b0:4023:1004::78 (Fort Worth, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    74.125.71.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f156.1e100.net
bid.g.doubleclick.net
2    3.127.92.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-92-109.eu-central-1.compute.amazonaws.com
pm.w55c.net
20    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
cm.g.doubleclick.net
1    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    3.120.29.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-29-172.eu-central-1.compute.amazonaws.com
d.agkn.com
1    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
4    18.195.75.15 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-75-15.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    52.208.107.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-107-103.eu-west-1.compute.amazonaws.com
unified.adsafeprotected.com
36    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
3    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:4001:e::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r3---sn-4g5edn6r.c.2mdn.net
2    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
5    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
3    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
ib.adnxs.com
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    2600:9000:25e8:7200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com
sync.teads.tv
3    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
3    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
2    2600:1f18:1aca:4281:e148:1293:6d53:b2b9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
2    142.250.186.66 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
ade.googlesyndication.com
1    2a00:1450:4001:81c::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    52.209.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-126-138.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    2600:9000:2304:3200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net
googleads4.g.doubleclick.net
6    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
4    142.250.181.230 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
4    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
2    167.233.13.224 (Ismaning, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
3    92.123.148.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com
www.awin1.com
1    2a02:cb40:200::242 (Germany)

ASN20546 (SOPRADO-ANY, DE)
t.adcell.com
1    3.124.181.128 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-181-128.eu-central-1.compute.amazonaws.com
www.restposten.de
4    52.56.87.167 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-87-167.eu-west-2.compute.amazonaws.com
track.webgains.com
2    18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net
analytics.webgains.io
1    13.227.219.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-62.ams54.r.cloudfront.net
cdn.track.production.webgains.team
4    13.43.74.95 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-43-74-95.eu-west-2.compute.amazonaws.com
api.webgains.io
6    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
62 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 130
tpc.googlesyndication.com — Cisco Umbrella Rank: 151
0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 330
940 KB
48 lihkg.com
lihkg.com — Cisco Umbrella Rank: 104559
cdn.lihkg.com — Cisco Umbrella Rank: 127209
adv.lihkg.com — Cisco Umbrella Rank: 145425
pb.lihkg.com — Cisco Umbrella Rank: 141155
1 MB
47 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 206
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
stats.g.doubleclick.net — Cisco Umbrella Rank: 114
bid.g.doubleclick.net — Cisco Umbrella Rank: 842
cm.g.doubleclick.net — Cisco Umbrella Rank: 239
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 366
ad.doubleclick.net — Cisco Umbrella Rank: 194
262 KB
42 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 30452
ad4m.at — Cisco Umbrella Rank: 10726
assets.ad4m.at — Cisco Umbrella Rank: 40955
1 MB
31 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 930
trc.taboola.com — Cisco Umbrella Rank: 622
am-trc-events.taboola.com — Cisco Umbrella Rank: 14214
images.taboola.com — Cisco Umbrella Rank: 1763
790 KB
11 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2770
www.google.com — Cisco Umbrella Rank: 3
3 KB
10 yahoo.com
ads.yap.yahoo.com — Cisco Umbrella Rank: 13588
geo.yahoo.com — Cisco Umbrella Rank: 1379
3 KB
10 smaato.net
prebid.ad.smaato.net — Cisco Umbrella Rank: 7821
s.ad.smaato.net — Cisco Umbrella Rank: 760
3 KB
9 gstatic.com
csi.gstatic.com
fonts.gstatic.com
32 KB
8 adsafeprotected.com
unified.adsafeprotected.com — Cisco Umbrella Rank: 1728
dt.adsafeprotected.com — Cisco Umbrella Rank: 585
pixel.adsafeprotected.com — Cisco Umbrella Rank: 766
static.adsafeprotected.com — Cisco Umbrella Rank: 644
10 KB
8 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 27922
sync.aralego.com — Cisco Umbrella Rank: 3266
2 KB
6 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 25120
api.webgains.io — Cisco Umbrella Rank: 56842
37 KB
6 ad4mat.net
static-de.ad4mat.net — Cisco Umbrella Rank: 154708
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 127321
11 KB
5 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 841
s.tribalfusion.com — Cisco Umbrella Rank: 1914
3 KB
5 yimg.com
s.yimg.com — Cisco Umbrella Rank: 550
148 KB
4 webgains.com
track.webgains.com — Cisco Umbrella Rank: 44386
94 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 921
r.turn.com — Cisco Umbrella Rank: 3853
2 KB
4 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1258
r3---sn-4g5edn6r.c.2mdn.net — Cisco Umbrella Rank: 414212
s0.2mdn.net — Cisco Umbrella Rank: 318
2 MB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 354
581 B
4 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1216
805 B
4 bidmyqps.xyz
cpm.bidmyqps.xyz — Cisco Umbrella Rank: 60934
1 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
imasdk.googleapis.com — Cisco Umbrella Rank: 520
133 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 17077
2 KB
3 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 464
ib.adnxs.com — Cisco Umbrella Rank: 221
2 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 601
2 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214
170 KB
3 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 98755
20 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 425
mug.criteo.com — Cisco Umbrella Rank: 2553
7 KB
2 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 69872
3 KB
2 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 64810
879 B
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 64401
526 B
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 478
2 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1405
449 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 812
489 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1376
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 604
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 777
918 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 977
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
149 KB
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 71451
15 KB
1 restposten.de
www.restposten.de
1 adcell.com
t.adcell.com — Cisco Umbrella Rank: 59233
476 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3044
104 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 857
463 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 861
75 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 833
245 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1661
630 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 708
775 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1190
775 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2069
54 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 617
13 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5933
408 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 356
2 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1175
7 KB
0 appier.net Failed
gocm.c.appier.net Failed
348 55
Domain Requested by
36 pagead2.googlesyndication.com lihkg.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
pb.lihkg.com
0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
googleads.g.doubleclick.net
24 cdn.lihkg.com lihkg.com
cdn.lihkg.com
22 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
20 cm.g.doubleclick.net 4 redirects 0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
googleads.g.doubleclick.net
18 assets.ad4m.at as.ad4m.at
15 googleads.g.doubleclick.net 3 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
13 pb.lihkg.com cdn.lihkg.com
pb.lihkg.com
pagead2.googlesyndication.com
12 ad4m.at as.ad4m.at
ad4m.at
12 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
11 cdn.taboola.com ad.sitemaji.com
cdn.taboola.com
pb.lihkg.com
8 trc.taboola.com cdn.taboola.com
8 www.google.com tpc.googlesyndication.com
0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
googleads.g.doubleclick.net
8 prebid.ad.smaato.net cdn.lihkg.com
pb.lihkg.com
8 lihkg.com 1 redirects cdn.lihkg.com
lihkg.com
static.cloudflareinsights.com
7 csi.gstatic.com imasdk.googleapis.com
6 images.taboola.com
6 am-trc-events.taboola.com
5 geo.yahoo.com pb.lihkg.com
s.yimg.com
5 ads.yap.yahoo.com s.yimg.com
5 s.yimg.com pb.lihkg.com
ad.sitemaji.com
5 securepubads.g.doubleclick.net lihkg.com
securepubads.g.doubleclick.net
0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
4 api.webgains.io analytics.webgains.io
4 sync.aralego.com pb.lihkg.com
4 track.webgains.com as.ad4m.at
4 ad.doubleclick.net 4 redirects
4 unified.adsafeprotected.com 2 redirects imasdk.googleapis.com
4 x.bidswitch.net 0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
googleads.g.doubleclick.net
4 partner.googleadservices.com pagead2.googlesyndication.com
4 hb.aralego.com cdn.lihkg.com
pb.lihkg.com
4 cpm.bidmyqps.xyz cdn.lihkg.com
pb.lihkg.com
3 www.awin1.com as.ad4m.at
3 prod-rtb.ad4mat.net googleads.g.doubleclick.net
3 static-de.ad4mat.net as.ad4m.at
3 sync.1rx.io 3 redirects
3 www.googletagservices.com googleads.g.doubleclick.net
3 a.tribalfusion.com 2 redirects googleads.g.doubleclick.net
3 ad.sitemaji.com pb.lihkg.com
3 region1.analytics.google.com www.googletagmanager.com
3 adv.lihkg.com lihkg.com
adv.lihkg.com
2 analytics.webgains.io track.webgains.com
2 partner.o2online.de as.ad4m.at
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 ade.googlesyndication.com
2 dt.adsafeprotected.com
2 ssum-sec.casalemedia.com 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 s.ad.smaato.net googleads.g.doubleclick.net
2 r.turn.com googleads.g.doubleclick.net
2 ad.turn.com 2 redirects
2 secure.adnxs.com 2 redirects
2 onetag-sys.com 1 redirects googleads.g.doubleclick.net
2 sync.targeting.unrulymedia.com 2 redirects
2 c1.adform.net 2 redirects
2 r3---sn-4g5edn6r.c.2mdn.net
2 sync-tm.everesttech.net 2 redirects
2 s.tribalfusion.com googleads.g.doubleclick.net
2 pm.w55c.net 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 imasdk.googleapis.com 0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
2 0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 gum.criteo.com 1 redirects static.criteo.net
2 fonts.googleapis.com cdn.lihkg.com
0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
2 www.googletagmanager.com lihkg.com
www.googletagmanager.com
1 cdn.track.production.webgains.team as.ad4m.at
1 www.restposten.de as.ad4m.at
1 t.adcell.com 1 redirects
1 ib.adnxs.com 1 redirects
1 googleads4.g.doubleclick.net
1 static.adsafeprotected.com
1 pixel.adsafeprotected.com 1 redirects
1 s0.2mdn.net
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 ssbsync.smartadserver.com googleads.g.doubleclick.net
1 rtb.openx.net googleads.g.doubleclick.net
1 gcdn.2mdn.net 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 d.agkn.com 1 redirects
1 sync.mathtag.com 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 mug.criteo.com
1 region1.google-analytics.com www.googletagmanager.com
1 static.criteo.net securepubads.g.doubleclick.net
1 www.google.de
1 stats.g.doubleclick.net www.googletagmanager.com
1 cdn.jsdelivr.net cdn.lihkg.com
1 static.cloudflareinsights.com lihkg.com
0 gocm.c.appier.net Failed
348 89

This site contains links to these domains. Also see Links.

Domain
na.cx
itunes.apple.com
market.android.com
fb.me
instagr.am
twitter.com
help.lihkg.com
Subject Issuer Validity Valid
lihkg.com
Cloudflare Inc ECC CA-3		 2023-05-14 -
2024-05-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
bidmyqps.xyz
R3		 2023-06-14 -
2023-09-12		 3 months crt.sh
smaato.net
Sectigo ECC Domain Validation Secure Server CA		 2022-09-19 -
2023-09-19		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-14 -
2023-10-04		 2 months crt.sh
*.pubgw.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-14 -
2023-10-04		 2 months crt.sh
yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-05-02 -
2023-10-25		 6 months crt.sh
feebee.com.tw
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
wrapper-vast.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-13 -
2023-11-15		 9 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M01		 2023-07-23 -
2024-08-20		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-07-25 -
2023-10-03		 2 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-07-31 -
2023-10-29		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
*.webgains.io
Amazon RSA 2048 M01		 2023-07-24 -
2024-08-22		 a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-28		 8 months crt.sh

This page contains 44 frames:

Primary Page: https://lihkg.com/thread/3470022/page/3?ref=web&post=6
Frame ID: 903DCE62B370ADD4554B289137863055
Requests: 62 HTTP requests in this frame

Frame: https://lihkg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
Frame ID: 16E8CCEE4E42277035CAD01E0BDFC263
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/zrt_lookup.html
Frame ID: A60EC81B5BDEE2B677EC47E55BC86909
Requests: 1 HTTP requests in this frame

Frame: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
Frame ID: 7E90E57EF87FD06BD6F6A0B4762C56F7
Requests: 14 HTTP requests in this frame

Frame: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
Frame ID: 7112FA0721BF4BE6F8C3E7B8E7FD2E25
Requests: 14 HTTP requests in this frame

Frame: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
Frame ID: 420A021B3A1FCAFB7E1BB12D5B34004F
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3240616428100660&output=html&h=250&slotname=9808563034&adk=532204820&adf=386049263&pi=t.ma~as.9808563034&w=320&lmt=1692073208&format=320x250&url=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F3&region=16920804077754695&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080407834&bpp=3&bdt=1069&idt=203&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&correlator=1614981858246&frm=20&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080408&ga_hid=1772006471&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077088%2C44795921%2C44796632%2C44799571&oid=2&pvsid=842651503506098&tmod=2018204529&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OO7Im7g5FI&p=https%3A//lihkg.com&dtd=224
Frame ID: 7DD8CBCB727EBD6D6FB35EAAD1583115
Requests: 1 HTTP requests in this frame

Frame: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Frame ID: 30D177365861C2884B9B55D6B30F38E8
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=lihkg.com
Frame ID: 5319D71BB0AEA9E2FD268EAEC82B1606
Requests: 2 HTTP requests in this frame

Frame: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Frame ID: F99C40582BFBC619E2E127FF36D581B7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3240616428100660&output=html&adk=1812271804&adf=3025194257&lmt=1692073208&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F3&ea=0&region=16920804077754695&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080407853&bpp=2&bdt=1088&idt=268&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250&nras=1&correlator=1614981858246&frm=20&pv=1&ga_vid=433030508.1692080408&ga_sid=1692080408&ga_hid=1772006471&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077088%2C44795921%2C44796632%2C44799571&oid=2&pvsid=842651503506098&tmod=2018204529&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=280
Frame ID: 46AEBD04F8F2827024E1B1CB2A8DC558
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9C00A5C2093B310983323D58EEF2EE3A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 391757136BD480AA3899E50D3CAECF41
Requests: 2 HTTP requests in this frame

Frame: https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 093BF17AE148289DE05508F181915B30
Requests: 1 HTTP requests in this frame

Frame: https://pb.lihkg.com/smj?theme=light&passback=1&platform=mobile-web&is_mobile=1
Frame ID: 60592AC44B05999950D6314FF265D4D8
Requests: 14 HTTP requests in this frame

Frame: https://pb.lihkg.com/smj?theme=light&passback=1&platform=mobile-web&is_mobile=1
Frame ID: 695ECD986A9BE9E5F9D05BEDA3E3A41B
Requests: 15 HTTP requests in this frame

Frame: https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3385E7DE28D15A2CBED81F7B1807126E
Requests: 39 HTTP requests in this frame

Frame: https://pb.lihkg.com/smj?theme=light&is_mobile=1
Frame ID: 2D5B0BD08783E230CA24FF44A71DC01B
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409014&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409174&bpp=3&bdt=1290&idt=210&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=259005268492&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080409&ga_hid=202743654&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076836%2C31076964%2C44799571%2C44789816%2C21065724&oid=2&pvsid=4327037523449845&tmod=1074106898&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tdjs3rj8l6j3&fsb=1&dtd=222
Frame ID: A19E5FCEB2317DF3A86B38B05396BD5D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5EC100D7098D0A8FAF484EFC47A28B6A
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409032&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409246&bpp=3&bdt=1359&idt=258&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=2348983626704&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=785304189&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31076837%2C31076876%2C44799579%2C44789816&oid=2&pvsid=4231817946788915&tmod=1468571350&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.zbkmca78uwj7&fsb=1&dtd=273
Frame ID: 0523CFFB9CF7287F88DE472BE4A009F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409100&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409265&bpp=4&bdt=1377&idt=264&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=3916345261878&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=490264881&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44799955%2C44792012%2C44799581%2C44789816&oid=2&pvsid=964398651614398&tmod=734821863&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.haw97hvriulh&fsb=1&dtd=280
Frame ID: FCEB2171CB8EF458BA8946363C49BE49
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6F339E87B6491FC9BC917900EC154DA4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 93A837629D28003B1A5C55FA15480AD6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4FEAE9586D56E719EF181D423C113930
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DCEB4D984F4C138893FD7BA66574B89A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2ABF3BD1C7DB908795295D07E57962F1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 80AC80669E625169F0D6B9EA90B005E3
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jnca8ctc1mh5rhgj2nf3dg5yvqx0qydgqsdvg5ka4n4ywqygef0nx1dgzxqjacnv5ez8jvz7xemvsd6n7zq8tgahted2vnwjvwje4yh18qtgd3s60zygzspde5n1t58g4hjratney7pttmjdrxwmt3gfye3j5dwq7g9xdzfd4zp76cdtrxyxvnxezxmhxa09dd67dpkd468w684dfmgxmjvk5m4m7vghnae3t4qjm7kxf39r2ydm8yavpv545n65ymx5dbnfd9hr2vcck8pjatdh5yfdhnxc80kye8ydpaw435kqs878027zj4c4cbxw980nav5t4g7yqzf1bef5jcvg0ds1wtd318kr7h9t3vq39mgrf1pny47s5aafxvj9awq2xkjn5s287vem00d6t9mx34jynj64kaarcs53qf1jq7jet6evadhrzjbjw8jdcw7599691p0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%26client%3Dca-pub-1983042674979462%26adurl%3D
Frame ID: 62292B890E72EF47B4F2BDA1AF69E722
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js
Frame ID: E6DFD0A752A2DFB81C37D837BC03F761
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E08546DA5E184E48762ACA6E5EBF4AAB
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1htjqrwxw9k807gx34pt403mvj0znq5fxw3s06j20j0myq312s1wc23d6dpskreaefexn5bg7n4k9xf8dbem00c203q1de84y2rza5tg0yckahcczsesfaa74mmnz8bdwmedn1yg2vacfnm0p6vms8tche0rb1bykp4gjkvcy2xm6dy4422fjdvwg9c3a8hhnb968h5at0bjkj6hd73bav38j5h0d1vm91frcjwr9vbt6rcthj9ypz9peawfzj8md2vp8eattspg1eat34xwpvnwamd5q68wef96fhfph7es9x2wveks7a3mw4kyqnpqwzqahp9v2a69wzhmt2mmvxp18b1q3gtp1b8svtwdawpycp5m8q43pn23t0bavn54t56v2zn54vf428ktmse1dh7rtrc5jq04rw07rry1rn7m6was0z60q3754e7ech6rqn5aa3h6jwng&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%26client%3Dca-pub-1983042674979462%26adurl%3D
Frame ID: E80D7E864E245AF986DE4F1FD84AB5B3
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js
Frame ID: 843849CCF91FA48C0BEB66A7F9D02432
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9BC9288F96A488EEBB3598059D3AB64F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: D481E6A29E97992DC130C7C92CC55754
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jw12j2kg98x3tssb7dcjv6r45kx35yxehkn793cf7dxv691dtxp7gpacs9mxew8aemk6t5zrctd3h80cyew9x6r2skbtx9veyf6qmrh4kk5sjcxc0436kjcce0157jt3s5sdnc3hxtr7n4632gq1985vwzr1wq7e0n0tfkpz0ppwvygrb52jwkkach20dqb80djqy8b7xks29s7fn6shwpe66gta3xe3e0ny8chhrtb6v8b6448p4skagmjrh6b6qswnexbm2tgcsqe8ckz0j537q1fth7sbn07nd2x6jx7arhc7ec4b84cycrctyt9c4132d20wd9431pyt07agn2gdanmecs47pc9grswk5xxv873016kzet2pyffca4877hkdr2vqjhrphp87fn4y6p78zp4r717r1anpxtz1vzwr0ehc07zwmbz0f44mtfmk4n87zanqe20&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%26client%3Dca-pub-1983042674979462%26adurl%3D
Frame ID: E0365E2DC45C994727EA61B60A98B445
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js
Frame ID: DBDB143D98E9192EBC29D93C01608B71
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9892DE8A94D6839E4947F059B9401173
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F29F4873CFA9DC5E70AC9019A290D327
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 78ABD29573AD513EB49EF0F0C2CB43A5
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 92CE67AB561A37A9086F586AD8A4371F
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=175059%2C22925%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfwP3sVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=7d81e3ce49585635a6483b04b8953953%2F5092173492639382676&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g74t3dmf0w9v3shzwx6hfyjn7ajtw109j70qck4z4et03hb4x6s2wbnn8aw4nktc9aw5qkjq2gyn1sw9bbakh0p785qhed2sg99apbq6sneqvna6355fcpm9m4cqtj33ch66yp3e3vmbf3we1kd100r2jtxxy9c401bgbr0sbndd1drj84yncs7j6cc5m3tfc4xs6yy6twdfmxp6875r0r2k8xm0txvvj3m4phsq11qyqvk6kbzc8n80sfa7sfsvbfprzryxvhh64452bzz21vjmw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Frame ID: 36861F28441DBE9D58286CD467A77086
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=5839870e34d254e5f21845ad7749c4f8%2F15423261383198278964&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3vd6acadt1v45qxa5fxx1p0wkmwap385e9x57e1ts7a414mtybwav5h3a2bj1at0gbj4zh6z3r36k9sjadza6nagvhp1014a38wjysd3m5wvk3cf96ag2ynxt238t35ey405kzdpq7kcbxf8nf4qgs7sdb14b6e17zc7x33k7hk6j4sfc0dde4jejj6gsdxbs5dx5mzshprk8t67fdz3h6d86da5brrpbfhvns2y0d2s36pndes6z4aw63ftm87h7hhywhae177yzsb6z834fv7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Frame ID: BE98773504ADA5F5F08C67749F61C739
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=6a045a7050e1b74ba1d82576e31e9227%2F11710773295525951317&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410569&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5b3s7g4bkv9g2cgnj4wyapz86344fr6dj0t4ywgr1ttra0fj6xattsv4zsy0edjw2m61pdmcak89vw0vnzwtf5f13gyq20qk76kqbvx57jer5e6mn374pffs4kqsejxak0s8a06z6swcybyrnh65p23hhmk3065s64gyfejh1fm7w5r2ag4s0s3zmwg7vh95fgwef0y2v7v9q86zjp62s1c2j6bmrzfnmt12sbq7xj9gc8f6eqytf1khvbwzfx85gvyq250enjde5tpdhmw9ng6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Frame ID: 4AFB831FF958E39CA78C93C18CBB0DC9
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

今日俾個職員叫我去石門拎學生證 | LIHKG

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

348
Requests

91 %
HTTPS

51 %
IPv6

55
Domains

89
Subdomains

62
IPs

10
Countries

7204 kB
Transfer

16946 kB
Size

48
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://lihkg.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://lihkg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
Request Chain 31
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
Request Chain 63
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
Request Chain 67
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
Request Chain 72
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=250&slotname=9106605872%2F5521398132&adk=3524170298&adf=2689791701&pi=t.ma~as.9106605872%2F55213981_&w=320&lmt=1692073208&format=320x250&url=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F3&region=16920804077765762&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080407837&bpp=1&bdt=1072&idt=229&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&correlator=1614981858246&frm=20&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080408&ga_hid=1772006471&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=627&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077088%2C44795921%2C44796632%2C44799571&oid=2&pvsid=842651503506098&tmod=2018204529&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=V1YEGfhgWq&p=https%3A//lihkg.com&dtd=233 HTTP 302
  • https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Request Chain 78
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
Request Chain 79
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=250&slotname=9106605872%2F5521398132&adk=3524170298&adf=1425298232&pi=t.ma~as.9106605872%2F55213981_&w=320&lmt=1692073208&format=320x250&url=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F3&region=16920804077765855&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080407838&bpp=1&bdt=1073&idt=265&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&correlator=1614981858246&frm=20&pv=1&ga_vid=433030508.1692080408&ga_sid=1692080408&ga_hid=1772006471&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=627&ady=3846&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077088%2C44795921%2C44796632%2C44799571&oid=2&pvsid=842651503506098&tmod=2018204529&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Nh0Fg2zsgb&p=https%3A//lihkg.com&dtd=272 HTTP 302
  • https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Request Chain 85
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=lihkg.com&sn=ChromeSyncframe&so=0&topUrl=lihkg.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=KRVQ_nxGeWtzdUQvVG9nQ2VrQktsT0lYL3pHYkdTSFQ0NlhRYy8ydXkzNkFGbFJCQk95YSs0ZWJ2TnBFWFVuMDJPL1BIUjZLRUNITWdJTUczdjZQZTB0RFBtSWl0czNzbEpiNGJkMGR1R2JRWE5JcUcyZmZQZDVIb09UcEMzM09iQXN6dEIrNklzWjZ0V0ZObTZ3MUF3L3c2Vjhaa1gzVTJodStNWVJSWmRjVnJyMHJIQnpnandjeFNPTFpHa2dXTE1lT3AzbVNuOTJyWDVwdHBQWHZaRVM4NjRURG9lUUVzUlhjOEMzV2hURXQ2VlBZUUFQbEJ5aHRGbEpCQUJtdHI0N1U5SEJkTUlpK3V1Q2EzUnVqRnV5N0pUUT09fA&cppv=2
Request Chain 153
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI5F2RbVqZn7h23fRHf-jJQ&google_cver=1&google_push=AXcoOmS79CPhnNq1rj4cUO8xlxTBfewZuYXgqTWxmELHfyEv-q0HXZES-Rgab_Hhr4Hn9HtPeYSPbNVCnz0GEgKmcCugZQ9JDNcGYFQz0woybG4Cuy1FRmFNEldr8cDQV1WUeVfkYETZI1hV HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI5F2RbVqZn7h23fRHf-jJQ&google_cver=1&google_push=AXcoOmS79CPhnNq1rj4cUO8xlxTBfewZuYXgqTWxmELHfyEv-q0HXZES-Rgab_Hhr4Hn9HtPeYSPbNVCnz0GEgKmcCugZQ9JDNcGYFQz0woybG4Cuy1FRmFNEldr8cDQV1WUeVfkYETZI1hV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MGY3a3B2SHoxUXZOcHY1&google_gid=CAESEI5F2RbVqZn7h23fRHf-jJQ&google_cver=1&google_push=AXcoOmS79CPhnNq1rj4cUO8xlxTBfewZuYXgqTWxmELHfyEv-q0HXZES-Rgab_Hhr4Hn9HtPeYSPbNVCnz0GEgKmcCugZQ9JDNcGYFQz0woybG4Cuy1FRmFNEldr8cDQV1WUeVfkYETZI1hV
Request Chain 154
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKNfUDDcY06ZpxYvdE4WLEI&google_cver=1&google_push=AXcoOmTr72M5YDdsr_APVJGk3aQOI9Fa8TNesZ2Ml3ewdHr5B_mOaWjSQX-YyZfnL60NmUe1cvH17O1iLb1GCHpYEepVNiBmkxTySY9jzx84rgotuohC0qDYsumvrdeJqK0RSNFxtiWue8xxNg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTr72M5YDdsr_APVJGk3aQOI9Fa8TNesZ2Ml3ewdHr5B_mOaWjSQX-YyZfnL60NmUe1cvH17O1iLb1GCHpYEepVNiBmkxTySY9jzx84rgotuohC0qDYsumvrdeJqK0RSNFxtiWue8xxNg
Request Chain 155
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENaTplHjfrMuhiSnh_WaHck&google_cver=1&google_push=AXcoOmQdqoSVHjoojp7Nmb8-99h6-rueQk84yXqbHImAYMTsFtzwiRk36kfNGO9b_ahl29ZkKP7V4Smi9bAyYkw7AvWAk1hq-2ofav4WIheTE5bH-YsX1atzqGpmPlVoLGZttL5Qx3GPPrce&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQdqoSVHjoojp7Nmb8-99h6-rueQk84yXqbHImAYMTsFtzwiRk36kfNGO9b_ahl29ZkKP7V4Smi9bAyYkw7AvWAk1hq-2ofav4WIheTE5bH-YsX1atzqGpmPlVoLGZttL5Qx3GPPrce%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENaTplHjfrMuhiSnh_WaHck&google_cver=1&google_push=AXcoOmQdqoSVHjoojp7Nmb8-99h6-rueQk84yXqbHImAYMTsFtzwiRk36kfNGO9b_ahl29ZkKP7V4Smi9bAyYkw7AvWAk1hq-2ofav4WIheTE5bH-YsX1atzqGpmPlVoLGZttL5Qx3GPPrce&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQdqoSVHjoojp7Nmb8-99h6-rueQk84yXqbHImAYMTsFtzwiRk36kfNGO9b_ahl29ZkKP7V4Smi9bAyYkw7AvWAk1hq-2ofav4WIheTE5bH-YsX1atzqGpmPlVoLGZttL5Qx3GPPrce%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 156
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECAd3SITeZ1Vm7UV_Yf-mLg&google_cver=1&google_push=AXcoOmRYgFtdgpgjHCi5Q0J7I3d1Hv4oiGFB3HlR19r_r4GB08ikxJw0lil2VjR-LombbSQlG3gZYWqyiu_Y6OfFR48-Xf1tnebDX7F-vL7JIl6WRPxHhto-1-qGdUzXSM6SGv7gVUkUvGIA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECAd3SITeZ1Vm7UV_Yf-mLg&google_push=AXcoOmRYgFtdgpgjHCi5Q0J7I3d1Hv4oiGFB3HlR19r_r4GB08ikxJw0lil2VjR-LombbSQlG3gZYWqyiu_Y6OfFR48-Xf1tnebDX7F-vL7JIl6WRPxHhto-1-qGdUzXSM6SGv7gVUkUvGIA
Request Chain 157
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEE-iaGmx-YBM5cmiq-4Sf9k&google_cver=1&google_push=AXcoOmTJL29ydKrU7bVvT1qV6lBKzh_DJ5bZC2wSPJNb3xATcYpTX1GLrSVdgdDIlwzNVh9mYPQQCLT3SnbYcpr4cYNcDgpXP8ajZi_H7uMwaMrNgS61josRP3mbM0E_QM5SCUi3vMNVYMZBHw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTJL29ydKrU7bVvT1qV6lBKzh_DJ5bZC2wSPJNb3xATcYpTX1GLrSVdgdDIlwzNVh9mYPQQCLT3SnbYcpr4cYNcDgpXP8ajZi_H7uMwaMrNgS61josRP3mbM0E_QM5SCUi3vMNVYMZBHw&google_hm=Q0FFU0VFLWlhR214LVlCTTVjbWlxLTRTZjlr
Request Chain 158
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFog5UCAgGumPvO6HIXsZOY&google_cver=1&google_push=AXcoOmQwAzJpmwAt3to2JRNVzmYqnnRq5Wd0yKCUKb6afVZ_J5c6PXTUsK_uq0hO7I47QaM2ETZ-YZ0Aoqy1B-w_Twz8i3L6r7urKZvlTajErmDGyBr_5r4QnvjbS6khDrC6N0D9d_vRNcOprA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NzQzMDAxODg4MDc2NDA1Mg%3D%3D&google_push=AXcoOmQwAzJpmwAt3to2JRNVzmYqnnRq5Wd0yKCUKb6afVZ_J5c6PXTUsK_uq0hO7I47QaM2ETZ-YZ0Aoqy1B-w_Twz8i3L6r7urKZvlTajErmDGyBr_5r4QnvjbS6khDrC6N0D9d_vRNcOprA
Request Chain 191
  • https://gcdn.2mdn.net/videoplayback/id/6967f19e4f122d9f/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912847/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/75BDD2C064DBDE6CB557452B70C809395DB068C3.3684E837A80428D3A6A0DE0DD7D89BADA53000D2/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/6967f19e4f122d9f/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912847/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/79DBE19EE487303E8C3B1D552A82F53A494E8CE2.5DA5347762A9A1A7CF0A8DD873AF8BF5AD26B986/key/cms1/cms_redirect/yes/mh/Vx/mip/2001:1b60:2:240:3247::10/mm/42/mn/sn-4g5edn6r/ms/onc/mt/1692079807/mv/u/mvi/3/pl/29/file/file.mp4
Request Chain 194
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENaTplHjfrMuhiSnh_WaHck&google_cver=1&google_push=AXcoOmQD3NPDQOGLbTul_0MP3F-ZJZQBaP9-Mi-GosbaRPcDxOYdcZn3Ef1VPMFHODnlxs6vtOaFI3NWImbGGSkFw7uP6yCkdBJs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQD3NPDQOGLbTul_0MP3F-ZJZQBaP9-Mi-GosbaRPcDxOYdcZn3Ef1VPMFHODnlxs6vtOaFI3NWImbGGSkFw7uP6yCkdBJs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENaTplHjfrMuhiSnh_WaHck&google_cver=1&google_push=AXcoOmQD3NPDQOGLbTul_0MP3F-ZJZQBaP9-Mi-GosbaRPcDxOYdcZn3Ef1VPMFHODnlxs6vtOaFI3NWImbGGSkFw7uP6yCkdBJs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQD3NPDQOGLbTul_0MP3F-ZJZQBaP9-Mi-GosbaRPcDxOYdcZn3Ef1VPMFHODnlxs6vtOaFI3NWImbGGSkFw7uP6yCkdBJs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 195
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECzP9Bocl8bNFZhD3EYTC_o&google_cver=1&google_push=AXcoOmTzIUfdwvp96DrwfyfMA-6zNgxxX122Jyj-UJmkjR92WVmSguyQyO3yK2_MPErk44fu_R9GArkTA4RF9_GmUxEBBP55K1O_ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECzP9Bocl8bNFZhD3EYTC_o&google_cver=1&google_push=AXcoOmTzIUfdwvp96DrwfyfMA-6zNgxxX122Jyj-UJmkjR92WVmSguyQyO3yK2_MPErk44fu_R9GArkTA4RF9_GmUxEBBP55K1O_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY5Njc5OTY0MTkzOTUwNjg2Nw&google_push=AXcoOmTzIUfdwvp96DrwfyfMA-6zNgxxX122Jyj-UJmkjR92WVmSguyQyO3yK2_MPErk44fu_R9GArkTA4RF9_GmUxEBBP55K1O_
Request Chain 197
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEMIPIBypa_UfZQbWFu1SBQA&google_cver=1&google_push=AXcoOmTUHqhU4_rxiiQUFdd5-DYbb-GTxd0KpKJB9hA2ylgGkdI4GU9S4bg26U_DhBoVGT8uarg6Yqv_X3YCcP8GWOIX9rksxAIM HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTUHqhU4_rxiiQUFdd5-DYbb-GTxd0KpKJB9hA2ylgGkdI4GU9S4bg26U_DhBoVGT8uarg6Yqv_X3YCcP8GWOIX9rksxAIM&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1692080410017 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-32dc504b-8510-48f7-b414-439fc78fdb71-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTUHqhU4_rxiiQUFdd5-DYbb-GTxd0KpKJB9hA2ylgGkdI4GU9S4bg26U_DhBoVGT8uarg6Yqv_X3YCcP8GWOIX9rksxAIM%26google_hm%3DAzLcUEuFEEj3tBRDn8eP23E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTUHqhU4_rxiiQUFdd5-DYbb-GTxd0KpKJB9hA2ylgGkdI4GU9S4bg26U_DhBoVGT8uarg6Yqv_X3YCcP8GWOIX9rksxAIM&google_hm=AzLcUEuFEEj3tBRDn8eP23E
Request Chain 199
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENGPKGTv0a6hE42BMinYPHA&google_cver=1&google_push=AXcoOmTUIGJppKc_Wtmf8q4r9N4yLuuGn3bNfilhiU1fCIRPq5lqhstKU3jFETnfA84nV6JE98PRY--3cAwJDAWoIEFjzKWzedAv5Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTUIGJppKc_Wtmf8q4r9N4yLuuGn3bNfilhiU1fCIRPq5lqhstKU3jFETnfA84nV6JE98PRY--3cAwJDAWoIEFjzKWzedAv5Q HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 200
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEC0t8JKkrF8CcqO7vwMjeO8&google_cver=1&google_push=AXcoOmSKQba5XJMjqdkxwDrF7zSPUJlla_ngLh68npDRhdZkBl5lMEUkUHTQ9wSfVMBKv9XPo5GI8wRUcxPAuXdfLL6yfriOOKJX6Q HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEC0t8JKkrF8CcqO7vwMjeO8%26google_cver%3D1%26google_push%3DAXcoOmSKQba5XJMjqdkxwDrF7zSPUJlla_ngLh68npDRhdZkBl5lMEUkUHTQ9wSfVMBKv9XPo5GI8wRUcxPAuXdfLL6yfriOOKJX6Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTAxNjk0ODExNDA2NzY2ODkzNA%3D%3D&google_gid=CAESEC0t8JKkrF8CcqO7vwMjeO8&google_cver=1&google_push=AXcoOmSKQba5XJMjqdkxwDrF7zSPUJlla_ngLh68npDRhdZkBl5lMEUkUHTQ9wSfVMBKv9XPo5GI8wRUcxPAuXdfLL6yfriOOKJX6Q
Request Chain 215
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP0deGx7qGgQCVBjDzEvYiU&google_cver=1&google_push=AXcoOmTOHnj9PouG_vObGlstBesYZsVJLjfiu-CHaf7nNy-URm4vZ-KmMCVmSQ0xOyUi_9XD_uRQx2WIxA4VMl06fEciHVGfVA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NjkzMTEzMjA0NDU1NjUzNTY1NQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP0deGx7qGgQCVBjDzEvYiU&google_cver=1
Request Chain 220
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEArsPv41CRMcYC0KCUOPYiA&google_cver=1&google_push=AXcoOmRJU-xGJFO7rRp66nOx8NfPSQNNGHm5i04_j_jjKd6CZm8KRvEIJKWvzyo-sNEgQszC-yafeZSUhwm-auxn-3QJPMGIicS- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRJU-xGJFO7rRp66nOx8NfPSQNNGHm5i04_j_jjKd6CZm8KRvEIJKWvzyo-sNEgQszC-yafeZSUhwm-auxn-3QJPMGIicS- HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 240
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP0deGx7qGgQCVBjDzEvYiU&google_cver=1&google_push=AXcoOmT4LQVXXcVNYQazww8bRVdkMveJiRs8pwsstK6bW14ypTu2yujx8Jk3kTImb_aqn36KdlikNFywwvZuEY_x0PUUZGEJHHtqZR1pCe-dNW5-pa-gf_ZH977sczXS3LW4vK7R0MOQUG7Wm1_-phfPCVR- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NjkzMTEzMjA0NDU1NjUzNTY1NQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP0deGx7qGgQCVBjDzEvYiU&google_cver=1
Request Chain 242
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECAd3SITeZ1Vm7UV_Yf-mLg&google_cver=1&google_push=AXcoOmRKNjgYaR_PuH1y09vUOutnadns6SlSgJh6-xJHwC4NlC0DIS5Y2E0qkTv47Nsue5xwp51D_N30GzkYFGSupRgUfG0Da3U14t92ZlESqMPR-DBIsmQ6axWjM68Zj1QeTYMw5uQ6yxAPLbt-UDxn-DE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk5zWkdRQUlxZzZEc2dBTg==&google_gid=CAESECAd3SITeZ1Vm7UV_Yf-mLg&google_cver=1&google_push=AXcoOmRKNjgYaR_PuH1y09vUOutnadns6SlSgJh6-xJHwC4NlC0DIS5Y2E0qkTv47Nsue5xwp51D_N30GzkYFGSupRgUfG0Da3U14t92ZlESqMPR-DBIsmQ6axWjM68Zj1QeTYMw5uQ6yxAPLbt-UDxn-DE
Request Chain 244
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBSEggadM7vjvYjtNWVtbbw&google_cver=1&google_push=AXcoOmRX-ZiJvH0R3XspRydRWwKvHyjtYqJ_CioQ0YDYaaUXaev0SSAPXqsuSoSGSnbnI0-cZOEmTMctEULbe1m9dtwlNXnQa3SS1eHiDdYyz2Bmvw6JTCUiASE3JeyNI-Gcz4WhEi5FaQIKYTWahYINYPKN HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBSEggadM7vjvYjtNWVtbbw&google_push=AXcoOmRX-ZiJvH0R3XspRydRWwKvHyjtYqJ_CioQ0YDYaaUXaev0SSAPXqsuSoSGSnbnI0-cZOEmTMctEULbe1m9dtwlNXnQa3SS1eHiDdYyz2Bmvw6JTCUiASE3JeyNI-Gcz4WhEi5FaQIKYTWahYINYPKN&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBSEggadM7vjvYjtNWVtbbw&google_hm=ZNsZGtZ7PwgcoKjQXiGMgwAADMIAAAIB&google_nid=index&google_push=AXcoOmRX-ZiJvH0R3XspRydRWwKvHyjtYqJ_CioQ0YDYaaUXaev0SSAPXqsuSoSGSnbnI0-cZOEmTMctEULbe1m9dtwlNXnQa3SS1eHiDdYyz2Bmvw6JTCUiASE3JeyNI-Gcz4WhEi5FaQIKYTWahYINYPKN
Request Chain 246
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEMIPIBypa_UfZQbWFu1SBQA&google_cver=1&google_push=AXcoOmRAaK0wDqek4HNu0R-Wsttho-EqeGsHovItRJUzWVRZQ_iZI28RsW-MJvctTQXGhPXFEPHqi4TsOUfnwp-uloprheKCZvJPofi7X6GSCkdYcQElyQDL-nCSEVqTU5aM6YfuAbAjAIcQnoXto9Pu-2Y HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-32dc504b-8510-48f7-b414-439fc78fdb71-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRAaK0wDqek4HNu0R-Wsttho-EqeGsHovItRJUzWVRZQ_iZI28RsW-MJvctTQXGhPXFEPHqi4TsOUfnwp-uloprheKCZvJPofi7X6GSCkdYcQElyQDL-nCSEVqTU5aM6YfuAbAjAIcQnoXto9Pu-2Y%26google_hm%3DAzLcUEuFEEj3tBRDn8eP23E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRAaK0wDqek4HNu0R-Wsttho-EqeGsHovItRJUzWVRZQ_iZI28RsW-MJvctTQXGhPXFEPHqi4TsOUfnwp-uloprheKCZvJPofi7X6GSCkdYcQElyQDL-nCSEVqTU5aM6YfuAbAjAIcQnoXto9Pu-2Y&google_hm=AzLcUEuFEEj3tBRDn8eP23E
Request Chain 254
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vMDE2OWY4NDhmNzQ4MGYxODZhYTlmNmM3OGNiMjNkMTYuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTQzNDE3MiIsImN1c3RvbTgiOiI3MDc3NDQ4OSIsIm1vbml0b3JpbmciOiJmYWxzZSIsInJlZ2lvbiI6ImllIiwieHNpZCI6ImNiMzA4YzBiLTIwNGItNGJmOC1iNWFlLTU2YjMzNTZjYWYyYiJ9LCJ0aW1lc3RhbXAiOiIwMDAxLTAxLTAxVDAwOjAwOjAwWiIsImhlYWRlcnMiOnsiaGVhZGVyMTAiOiIyMDIyNDczMjMwOSIsImhlYWRlcjEyIjoiYWQuZG91YmxlY2xpY2submV0IiwiaGVhZGVyMyI6Ikdvb2dsZTIiLCJoZWFkZXI0IjoiNyIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjYiI6IjE2OTIwODA0MDk4NzA4OTk3MzMiLCJhZER1cmF0aW9uIjoyMTE1MDk4MTEyLCJpYXNTaW5nbGV0YWciOnRydWUsImlhc1NpbmdsZXRhZ091dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwifQ==&advEntityId=1434172&pubEntityId=70774489 HTTP 303
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=cb308c0b-204b-4bf8-b5ae-56b3356caf2b&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Request Chain 259
  • https://pixel.adsafeprotected.com/rfw/st/1434172/70774493/skeleton.gif?xmtp=v&xmapp=0&xsId=cb308c0b-204b-4bf8-b5ae-56b3356caf2b&bidurl=https://lihkg.com/thread/3470022/page/3&ias_campId=1013136622&ias_pubId=pub-3240616428100660&ias_placementId=20224732309&ias_chanId=1&ias_dealId=549644393847793680&ias_impId=v4~~ABAjH0giFuFJ653c_lyseFmbwDr5&ias_dspId=3&ias_creativeId=190295504&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8_nI1slJg-9bETAWyUnMIndEBZ5MWw6fpTFeX9obfK0OGrQe85ivdqL962FbjRaFFLPpg-lm7DdtsnLSb1lEyY8kWCPYFsaNF7Rlc3Mz5do-M9GVb-o90pSMRBS9q4R9V8BdcbnnrcCw6dT1swLUdCbPPgl7fQ2S3GiapNEX8-Zo36RL-1NmrAwbGXjipf3kpEfQFM0YYUABs&sai=AMfl-YRSVf1LkOA-GbD4CZHFNAxZiORYnAm0_M_KeVBBGzFAFIXlIM2F953LdkGBlwTwXSPPNsYfTVuvLOsjnpXHBrIrVUJeFjwBpg9mTGBoDbHn0YUpUI7CVNE0EmCThKt7HiIygo1G2iKRxRLynG8g4j9fbA&sig=Cg0ArKJSzLIsgKn1aIJBEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&ias_xappb=&mon=70774493&redirectedRetries=0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=cb308c0b-204b-4bf8-b5ae-56b3356caf2b&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8_nI1slJg-9bETAWyUnMIndEBZ5MWw6fpTFeX9obfK0OGrQe85ivdqL962FbjRaFFLPpg-lm7DdtsnLSb1lEyY8kWCPYFsaNF7Rlc3Mz5do-M9GVb-o90pSMRBS9q4R9V8BdcbnnrcCw6dT1swLUdCbPPgl7fQ2S3GiapNEX8-Zo36RL-1NmrAwbGXjipf3kpEfQFM0YYUABs&sai=AMfl-YRSVf1LkOA-GbD4CZHFNAxZiORYnAm0_M_KeVBBGzFAFIXlIM2F953LdkGBlwTwXSPPNsYfTVuvLOsjnpXHBrIrVUJeFjwBpg9mTGBoDbHn0YUpUI7CVNE0EmCThKt7HiIygo1G2iKRxRLynG8g4j9fbA&sig=Cg0ArKJSzLIsgKn1aIJBEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&ias_xappb=&mon=70774493&redirectedRetries=0
Request Chain 261
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIYg_HU5gEgATAB&v=APEucNVhiSXNEFBR27YmrtY0ibJmKSRad_TS0RpOsVz64ALgSdpmJ-djnNsj5UF0fkgP2CnVl5PRKbkPGrOV91qF8PnpODkhBQ HTTP 302
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAxNjk0ODExNDA2NzY2ODkzNA%3D%3D
Request Chain 284
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIu4wN6C3oADFZSQ_Qcd2qMESg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023081508201087907091825X117679V1226132702MSviewoneidQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023081508201087907091825X117679V1226132702MSviewoneidQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
Request Chain 293
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3DviewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COi5wN6C3oADFSfKuwgdHdcE_g;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3DviewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023081508201087907091821X117703V1226132702MSviewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023081508201087907091821X117703V1226132702MSviewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117703&partnerid=12218
Request Chain 300
  • https://t.adcell.com/p/view?promoId=309583&slotId=46690&pv=1&htlp=1&subId=oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.restposten.de/?utm_source=ADCELL&utm_medium=Text&utm_campaign=Standard&bid=309583-46690-oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Request Chain 325
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUxIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY1YTE0NWQwNjk2IiwiYmlkUmVxdWVzdCI6eyJzaXRlIjp7InBhZ2UiOiJodHRwczovLzAxNjlmODQ4Zjc0ODBmMTg2YWE5ZjZjNzhjYjIzZDE2LnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20vIn19LCJjdXN0b20iOnsiY3VzdG9tMSI6IiIsImN1c3RvbTIiOiIyLjAiLCJjdXN0b20zIjoiMi4wIiwiY3VzdG9tNyI6IjE0MzQxNzIiLCJjdXN0b204IjoiNzA3NzQ0ODkiLCJtb25pdG9yaW5nIjoiZmFsc2UiLCJyZWdpb24iOiJpZSIsInhzaWQiOiJjYjMwOGMwYi0yMDRiLTRiZjgtYjVhZS01NmIzMzU2Y2FmMmIifSwidGltZXN0YW1wIjoiMDAwMS0wMS0wMVQwMDowMDowMFoiLCJoZWFkZXJzIjp7ImhlYWRlcjEwIjoiMjAyMjQ3MzIzMDkiLCJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjMiOiJHb29nbGUyIiwiaGVhZGVyNCI6IjciLCJoZWFkZXI4IjoiaWFzbyIsImhlYWRlcjkiOiIifSwiY2IiOiIxNjkyMDgwNDA5ODcwNTY1OTY0IiwiYWREdXJhdGlvbiI6MjExNTA5ODExMiwiaWFzU2luZ2xldGFnIjp0cnVlLCJpYXNTaW5nbGV0YWdPdXRjb21lIjoiT1VUQ09NRV9NX19WQVNUX19PTUlEX19XRUJfUFhMIn0=&advEntityId=1434172&pubEntityId=70774489 HTTP 303
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=cb308c0b-204b-4bf8-b5ae-56b3356caf2b&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D

348 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 3
lihkg.com/thread/3470022/page/ 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lihkg.com/thread/3470022/page/3?ref=web&post=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
047241f9b27a1c2fc22f3496fde1060687327d8945634fa100369a730ca9cb88
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f6f546ce83718b9-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 15 Aug 2023 06:20:06 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
style.css
cdn.lihkg.com/assets/web/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.lihkg.com/assets/web/style.css?ver=13032023
Requested by
Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/3?ref=web&post=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80049bc10543e0e2fe1fc1b66570855de11c11da2023d5a914c57330d0188ff1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1278152
cf-polished
origSize=6395
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 13 Mar 2023 10:32:06 GMT
server
cloudflare
etag
W/"640efba6-18fb"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7f6f546e59f218b9-FRA
expires
Wed, 14 Aug 2024 06:20:06 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/3?ref=web&post=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5fd9780c0a531990c400ee663173446c55d9e7cbdd3ccb81385b52801a5b7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28205
x-xss-protection
0
server
cafe
etag
271 / 19584 / m202308080102 / config-hash: 14771428451550081825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 15 Aug 2023 06:20:06 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/3?ref=web&post=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3bb98dc0c0ce84945810a1e1b2d2ccee86cf390c06f9b986e32b63a7de470ccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50813
x-xss-protection
0
server
cafe
etag
16650924661576107438
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 15 Aug 2023 06:20:06 GMT
js
www.googletagmanager.com/gtag/ 		214 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PPY9Z37CCJ
Requested by
Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/3?ref=web&post=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ff6efb7285a05ad8b77cd00a5707fad4119f66513441f2dd307971049a66504
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77564
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 15 Aug 2023 06:20:06 GMT
prebid7.51.0.js
cdn.lihkg.com/assets/js/ 		251 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.lihkg.com/assets/js/prebid7.51.0.js
Requested by
Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/3?ref=web&post=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e9e9483dc8972e01d5f55bbade4cb00f0ad629dc73e7cfd1224ed2496108cc6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
938825
cf-polished
origSize=257341
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 26 May 2023 11:40:42 GMT
server
cloudflare
etag
W/"64709aba-3ed3d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7f6f546e59fa18b9-FRA
expires
Tue, 15 Aug 2023 18:20:06 GMT
asyncjs.php
adv.lihkg.com/www/delivery/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adv.lihkg.com/www/delivery/asyncjs.php
Requested by
Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/3?ref=web&post=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d533fa3a32a5a67dc45519a85bc430007e3c68bde21d01c5e67c2c8b3d4d2cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://lihkg.com
content-type
text/javascript;charset=UTF-8
cache-control
private, max-age=3600
expire
Tue, 15 Aug 2023 07:20:06 GMT
cf-ray
7f6f546e59fb18b9-FRA
alt-svc
h3=":443"; ma=86400
misc.js
cdn.lihkg.com/static/2307045067-knk8z/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.lihkg.com/static/2307045067-knk8z/js/misc.js
Requested by
Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/3?ref=web&post=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebda714b0960b486684f8e18052d2eb1a7afb14dd5d1d87ebf705c1c4af06eb2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1189260
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 04 Jul 2023 11:18:14 GMT
server
cloudflare
etag
W/"64a3fff6-a61"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7f6f546e59f318b9-FRA
expires
Wed, 14 Aug 2024 06:20:06 GMT
styles.chunk.js
cdn.lihkg.com/static/2307045067-knk8z/js/ 		27 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.lihkg.com/static/2307045067-knk8z/js/styles.chunk.js
Requested by
Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/3?ref=web&post=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a461002f77d83338ab9aafd8bfd8cb6275f8f6af2ea6a4f8c040d2aad2130f9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1189260
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 04 Jul 2023 11:18:14 GMT
server
cloudflare
etag
W/"64a3fff6-6a36"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7f6f546e59f418b9-FRA
expires
Wed, 14 Aug 2024 06:20:06 GMT
main.js
cdn.lihkg.com/static/2307045067-knk8z/js/ 		3 MB
784 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js
Requested by
Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/3?ref=web&post=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08db44d1b93268a2f3b72a2af31bcf207d87714f0f766792c49ed4ccdd2a0e80
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1189260
cf-polished
origSize=2870133
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 04 Jul 2023 11:18:14 GMT
server
cloudflare
etag
W/"64a3fff6-2bcb75"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7f6f546e59f718b9-FRA
expires
Wed, 14 Aug 2024 06:20:06 GMT
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/3?ref=web&post=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://lihkg.com/
Origin
https://lihkg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:06 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7f6f546eb865362f-FRA
styles.css
cdn.lihkg.com/static/2307045067-knk8z/css/ 		179 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.lihkg.com/static/2307045067-knk8z/css/styles.css
Requested by
Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/misc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4911d1cc42e734d7ff839ebecc749804c1fb675f2bd496074c87c32429e17b3e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1189256
cf-polished
origSize=184017
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 04 Jul 2023 11:18:14 GMT
server
cloudflare
etag
W/"64a3fff6-2ced1"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7f6f546eda8618b9-FRA
expires
Wed, 14 Aug 2024 06:20:06 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230815
Requested by
Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/assets/js/prebid7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29e3d11931a3c08fd8f601d41b07cc5d2471ef6f830d447974cb22bb2e85f2d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 15 Aug 2023 06:20:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8354
x-jsd-version
1.0.1782
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4583-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"639-54VHLVgiw3jZD3oMPhJf7xwMGY4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRXgPw65QPl7Uwt%2FRVAFC1bSOVcMuwbjb6uMv394sjGIk0ruIRImoO%2F7bvh3QsxXKyGkKwZobJTHQ5u1FHtAnKBVw4%2BiJTs7xk2LIlD3cc3OcuoWaKdrPn%2F6oRRMgeNlX8HVapDDHfx984fxhWs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f6f546f7a124d2e-FRA
css
fonts.googleapis.com/ 		2 KB
917 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu+Mono
Requested by
Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
904a56dd8ea11f7ff3aee2ccb4200f2a6ff362ff646eca70b2a973dbfeec9821
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 15 Aug 2023 06:20:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 05:31:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Aug 2023 06:20:06 GMT
property
lihkg.com/api_v2/system/ 		51 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lihkg.com/api_v2/system/property
Requested by
Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
474ff5b21c224b89de971029f5ff8a7876bd4635b224fd6ccfc34f78d0996264
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
X-LI-LOAD-TIME
5.14145392
Referer
https://lihkg.com/thread/3470022/page/3?ref=web&post=6
accept-language
de-DE,de;q=0.9
X-LI-DEVICE-TYPE
browser
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
X-LI-DEVICE
a845df8a46a7c35622ca7e2564ea9b55a6d222d8

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/json;charset=utf-8
li-node
AWS8
cf-ray
7f6f54703b2f1e31-FRA
alt-svc
h3=":443"; ma=86400
invisible.js
lihkg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/ Frame 16E8
Redirect Chain
  • https://lihkg.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://lihkg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lihkg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
Requested by
Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/3?ref=web&post=6
Protocol
H3
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0a8d38638d8522c8e1c4e7cbe1127b9142b3c19947ab81831c399814ecc9759
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7f6f5470cbf21e31-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7f6f54708b921e31-FRA
alt-svc
h3=":443"; ma=86400
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/ 		400 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7e1d11e09ae5619685a66e50267d80bc6b716e2a3d9377b922ead3c32cba527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 04:42:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
5870
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129236
x-xss-protection
0
server
cafe
etag
3196626984536983108
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 14 Aug 2024 04:42:17 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/ Frame A60E 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1574
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 05:53:53 GMT
etag
12368291122986407432
expires
Tue, 29 Aug 2023 05:53:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
7f6f546ce83718b9
lihkg.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 16E8 		0
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lihkg.com/cdn-cgi/challenge-platform/h/b/cv/result/7f6f546ce83718b9
Requested by
Host: lihkg.com
URL: https://lihkg.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
7f6f5471cd651e31-FRA
alt-svc
h3=":443"; ma=86400
11.chunk.js
cdn.lihkg.com/static/2307045067-knk8z/js/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.lihkg.com/static/2307045067-knk8z/js/11.chunk.js
Requested by
Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4d609b5c3a5aec790f8937ce65e69f35303ddbe39cf3588af7bed8ed2a437e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1188751
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 04 Jul 2023 11:18:14 GMT
server
cloudflare
etag
W/"64a3fff6-758d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7f6f5471fd8b1e31-FRA
expires
Wed, 14 Aug 2024 06:20:07 GMT
21.chunk.js
cdn.lihkg.com/static/2307045067-knk8z/js/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.lihkg.com/static/2307045067-knk8z/js/21.chunk.js
Requested by
Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b79061721d5bff6017244edfae8d759856428814d3e0a5c96ddf81c62fc1a778
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1188749
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 04 Jul 2023 11:18:14 GMT
server
cloudflare
etag
W/"64a3fff6-813d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7f6f5471fd941e31-FRA
expires
Wed, 14 Aug 2024 06:20:07 GMT
8.chunk.js
cdn.lihkg.com/static/2307045067-knk8z/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.lihkg.com/static/2307045067-knk8z/js/8.chunk.js
Requested by
Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94e2294df57e775b3da8a4dfeaf427c81efa2a05f808229fcdd4f12646d8a2c7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1186552
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 04 Jul 2023 11:18:14 GMT
server
cloudflare
etag
W/"64a3fff6-b00"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7f6f54720da21e31-FRA
expires
Wed, 14 Aug 2024 06:20:07 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a40bc7c42a924ebfb7c0bc286872aca8d62d090c27977c8f216306a521369828

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
licon.woff2
cdn.lihkg.com/assets/web/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.lihkg.com/assets/web/fonts/licon.woff2?2spcxh
Requested by
Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/assets/web/style.css?ver=13032023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b1a46106fd1a1ddf039f102e746861c90f6da3b4065aa901362503654335467
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.lihkg.com/assets/web/style.css?ver=13032023
Origin
https://lihkg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
accept-language
bytes
age
1278714
alt-svc
h3=":443"; ma=86400
content-length
13916
last-modified
Mon, 13 Mar 2023 10:32:06 GMT
server
cloudflare
etag
"640efba6-365c"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f6f54723b513644-FRA
expires
Wed, 14 Aug 2024 06:20:07 GMT
3
lihkg.com/api_v2/thread/3470022/page/ 		36 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lihkg.com/api_v2/thread/3470022/page/3?order=reply_time
Requested by
Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce6f654d6740a537e011c15234f572c461ec28d6c078e7485c964f429cf8c8c9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
X-LI-LOAD-TIME
5.2170326
Referer
https://lihkg.com/thread/3470022/page/3?ref=web&post=6
accept-language
de-DE,de;q=0.9
X-LI-DEVICE-TYPE
browser
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
X-LI-DEVICE
a845df8a46a7c35622ca7e2564ea9b55a6d222d8

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/json;charset=utf-8
li-node
AWS6
cf-ray
7f6f54723de61e31-FRA
alt-svc
h3=":443"; ma=86400
rum
lihkg.com/cdn-cgi/ 		0
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lihkg.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://lihkg.com/thread/3470022/page/3?ref=web&post=6
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
application/json

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://lihkg.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7f6f54731ec51e31-FRA
prebid
pb.lihkg.com/ Frame 7E90 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
Requested by
Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38f00d6938a8f2a9b7e0d6d8005a5b6be5cb0b1c5c51822119118d95ccd73879
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
940
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
7f6f5474a8f318b9-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 15 Aug 2023 06:20:07 GMT
expires
Tue, 15 Aug 2023 06:50:07 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
prebid
pb.lihkg.com/ Frame 7112 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
Requested by
Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38f00d6938a8f2a9b7e0d6d8005a5b6be5cb0b1c5c51822119118d95ccd73879
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
940
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
7f6f5474a8f618b9-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 15 Aug 2023 06:20:07 GMT
expires
Tue, 15 Aug 2023 06:50:07 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
prebid
pb.lihkg.com/ Frame 420A 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
Requested by
Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38f00d6938a8f2a9b7e0d6d8005a5b6be5cb0b1c5c51822119118d95ccd73879
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
940
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
7f6f5474a8f718b9-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 15 Aug 2023 06:20:07 GMT
expires
Tue, 15 Aug 2023 06:50:07 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
f5-sprite.png
cdn.lihkg.com/static/2307045067-knk8z/media/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lihkg.com/static/2307045067-knk8z/media/f5-sprite.png
Requested by
Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f03b94344821d98d8d849415345f53de7c9eb39fe0e5b4862eb1067332d7d79
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.lihkg.com/static/2307045067-knk8z/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
1188749
cf-polished
origFmt=png, origSize=11433
content-disposition
inline; filename="f5-sprite.webp"
alt-svc
h3=":443"; ma=86400
content-length
10656
cf-bgj
imgq:100,h2pri
last-modified
Tue, 04 Jul 2023 11:18:14 GMT
server
cloudflare
etag
"64a3fff6-2ca9"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7f6f5474b8ba1e31-FRA
expires
Thu, 14 Sep 2023 06:20:07 GMT
f5bouncer.png
cdn.lihkg.com/static/2307045067-knk8z/media/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lihkg.com/static/2307045067-knk8z/media/f5bouncer.png
Requested by
Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d18956c21464cd32c3ce93f61bbb47b3e24d58ca2680702c7c84a37cdbacc54e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.lihkg.com/static/2307045067-knk8z/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
1189198
cf-polished
origFmt=png, origSize=11486
content-disposition
inline; filename="f5bouncer.webp"
alt-svc
h3=":443"; ma=86400
content-length
9858
cf-bgj
imgq:100,h2pri
last-modified
Tue, 04 Jul 2023 11:18:14 GMT
server
cloudflare
etag
"64a3fff6-2cde"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7f6f5474b8bc1e31-FRA
expires
Thu, 14 Sep 2023 06:20:07 GMT
hb
cpm.bidmyqps.xyz/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.bidmyqps.xyz/hb?zone=195139&v=1.6
Requested by
Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/assets/js/prebid7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 15 Aug 2023 06:20:07 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://lihkg.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
0
apnet
gocm.c.appier.net/
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
0
0
prebid
prebid.ad.smaato.net/oapi/ 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/assets/js/prebid7.51.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.32.81.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-81-34.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin
https://lihkg.com
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
be38613f-3e25-9951-ecf8-ec437f4e51d6
prebid
prebid.ad.smaato.net/oapi/ 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/assets/js/prebid7.51.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.32.81.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-81-34.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin
https://lihkg.com
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
4e9d61d0-c8f1-c3ec-cc2a-e8e194aff2de
header
hb.aralego.com/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772A2EBB6B843764FB988777722AD229&tdid=&schain=&gpid=%2F244621734%2Fprebid-post&eids=&pubcid=edf6c2f1-fa45-4408-998d-36d92c9ed16e&u=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F3%3Fref%3Dweb%26post%3D6&host=lihkg.com&w=336&h=280
Requested by
Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/assets/js/prebid7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://lihkg.com
date
Tue, 15 Aug 2023 06:20:07 GMT
access-control-allow-credentials
true
connection
close
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/ 		372 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3240616428100660&plah=lihkg.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
071d8fbbb33f94eb57114e22fd9bf77c10cd763dd94c6485d3521f89a5547cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128451
x-xss-protection
0
server
cafe
etag
13759535693312580028
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 15 Aug 2023 06:20:07 GMT
destination
www.googletagmanager.com/gtag/ 		203 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-L8WS4GS6YR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PPY9Z37CCJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
290f09cbc43aaa13de69f75f2f9977f5bc8826c77ce75bce064436b97a5c1a9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74806
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 15 Aug 2023 06:20:07 GMT
collect
region1.analytics.google.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-PPY9Z37CCJ&gtm=45je3890&_p=1772006471&_gaz=1&cid=433030508.1692080408&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2Fthread%2F3470022%2F&sid=1692080407&sct=1&seg=0&dl=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F3%3Fref%3Dweb%26post%3D6&dt=%233470022%23%E4%BB%8A%E6%97%A5%E4%BF%BE%E5%80%8B%E8%81%B7%E5%93%A1%E5%8F%AB%E6%88%91%E5%8E%BB%E7%9F%B3%E9%96%80%E6%8B%8E%E5%AD%B8%E7%94%9F%E8%AD%89&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&upn.darkMode=1&upn.splitMode=1&upn.staticIcons=0&upn.limitContainerSize=1&upn.isLoggedIn=0&upn.officeMode=0&upn.fakeOfficeMode=0&up.cat_id_19_thread_id=3470022&up.thread_id=3470022
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PPY9Z37CCJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lihkg.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
241 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PPY9Z37CCJ&cid=433030508.1692080408&gtm=45je3890&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PPY9Z37CCJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lihkg.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clown.gif
cdn.lihkg.com/assets/faces/normal/ 		179 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lihkg.com/assets/faces/normal/clown.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ed2a584ee1368ea53d5ad19adcf8bd9aa9d260d1489a41f9ddcac11db82a4bb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
2221097
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
179
cf-bgj
imgq:100,h2pri
last-modified
Wed, 13 Jul 2022 10:56:19 GMT
server
cloudflare
etag
"62cea4d3-b3"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7f6f547519471e31-FRA
expires
Thu, 14 Sep 2023 06:20:07 GMT
sosad.gif
cdn.lihkg.com/assets/faces/normal/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lihkg.com/assets/faces/normal/sosad.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb102dd118baa664f3e341180820bf8daaf721a447a37b765d161fc54becf112
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
567651
cf-polished
origSize=1531, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
1525
cf-bgj
imgq:100,h2pri
last-modified
Wed, 13 Jul 2022 10:56:19 GMT
server
cloudflare
etag
"62cea4d3-5fb"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7f6f547519491e31-FRA
expires
Thu, 14 Sep 2023 06:20:07 GMT
smile.gif
cdn.lihkg.com/assets/faces/dog/ 		763 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lihkg.com/assets/faces/dog/smile.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deb23b71b7aebe4ff504f8df4215ba417469dc6b8cf40f8755f1ad9657f5d43e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
2126076
cf-polished
origSize=764, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
763
cf-bgj
imgq:100,h2pri
last-modified
Wed, 13 Jul 2022 10:56:19 GMT
server
cloudflare
etag
"62cea4d3-2fc"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7f6f5475194b1e31-FRA
expires
Thu, 14 Sep 2023 06:20:07 GMT
good.gif
cdn.lihkg.com/assets/faces/normal/ 		139 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lihkg.com/assets/faces/normal/good.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb576e03eb610d3af28916b86aa93125748dd242d8449878ac22c61fe7dd9f4c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
498193
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
139
cf-bgj
imgq:100,h2pri
last-modified
Wed, 13 Jul 2022 10:56:19 GMT
server
cloudflare
etag
"62cea4d3-8b"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7f6f5475194c1e31-FRA
expires
Thu, 14 Sep 2023 06:20:07 GMT
bomb.gif
cdn.lihkg.com/assets/faces/normal/ 		344 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lihkg.com/assets/faces/normal/bomb.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e55c8893419a1bffacc72ceede20525c0479dc2fa9a8b9d7871498a5dfa0b01
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
accept-language
bytes
age
1022222
cf-polished
origSize=348, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
344
cf-bgj
imgq:100,h2pri
last-modified
Wed, 13 Jul 2022 10:56:19 GMT
server
cloudflare
etag
"62cea4d3-15c"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7f6f5475194e1e31-FRA
expires
Thu, 14 Sep 2023 06:20:07 GMT
wonder2.gif
cdn.lihkg.com/assets/faces/normal/ 		344 B
674 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lihkg.com/assets/faces/normal/wonder2.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4185841d877331f802e06d23de2a3797b7cb639bf58c40e59ced4ef7f93ef2dc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
179694
cf-polished
origFmt=gif, origSize=1221
content-disposition
inline; filename="wonder2.webp"
alt-svc
h3=":443"; ma=86400
content-length
344
cf-bgj
imgq:100,h2pri
last-modified
Wed, 13 Jul 2022 10:56:19 GMT
server
cloudflare
etag
"62cea4d3-4c5"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7f6f5475194f1e31-FRA
expires
Thu, 14 Sep 2023 06:20:07 GMT
tongue.gif
cdn.lihkg.com/assets/faces/normal/ 		192 B
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lihkg.com/assets/faces/normal/tongue.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae9c22f7556512d13795b204b4bd6c4243326dd20e9afb418ba3b79677dc8f3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
accept-language
bytes
age
1829964
cf-polished
origFmt=gif, origSize=234
content-disposition
inline; filename="tongue.webp"
alt-svc
h3=":443"; ma=86400
content-length
192
cf-bgj
imgq:100,h2pri
last-modified
Wed, 13 Jul 2022 10:56:19 GMT
server
cloudflare
etag
"62cea4d3-ea"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7f6f547519511e31-FRA
expires
Thu, 14 Sep 2023 06:20:07 GMT
wail.gif
cdn.lihkg.com/assets/faces/pig/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lihkg.com/assets/faces/pig/wail.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0eba1ebb00bb4e5cc0aea5108a2071bbe7678b206d38fa16298121b2394fb7b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
accept-language
bytes
age
1081062
cf-polished
origFmt=gif, origSize=2259
content-disposition
inline; filename="wail.webp"
alt-svc
h3=":443"; ma=86400
content-length
1308
cf-bgj
imgq:100,h2pri
last-modified
Wed, 13 Jul 2022 10:56:19 GMT
server
cloudflare
etag
"62cea4d3-8d3"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7f6f547519521e31-FRA
expires
Thu, 14 Sep 2023 06:20:07 GMT
cry.gif
cdn.lihkg.com/assets/faces/normal/ 		230 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lihkg.com/assets/faces/normal/cry.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edb3388b1e98ed93b6c225da2643cff004fb7bc8c2f5ca8d0caea7502ace3eb8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
1848425
cf-polished
origSize=469, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
230
cf-bgj
imgq:100,h2pri
last-modified
Wed, 13 Jul 2022 10:56:19 GMT
server
cloudflare
etag
"62cea4d3-1d5"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7f6f547519531e31-FRA
expires
Thu, 14 Sep 2023 06:20:07 GMT
haha.gif
cdn.lihkg.com/assets/faces/dog/ 		605 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lihkg.com/assets/faces/dog/haha.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b009a457899d38051b66550fef78790dc412c6ee13553f4f00f49a03eb8bbb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
550141
cf-polished
origSize=613, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
605
cf-bgj
imgq:100,h2pri
last-modified
Wed, 13 Jul 2022 10:56:19 GMT
server
cloudflare
etag
"62cea4d3-265"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7f6f547519551e31-FRA
expires
Thu, 14 Sep 2023 06:20:07 GMT
agree.gif
cdn.lihkg.com/assets/faces/lm2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lihkg.com/assets/faces/lm2/agree.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe9e0ffaf83ecb2aad753fa013a4730d032a66ded5fb55eada9a2751e2fd43fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
accept-language
bytes
age
631867
cf-polished
origFmt=gif, origSize=1114
content-disposition
inline; filename="agree.webp"
alt-svc
h3=":443"; ma=86400
content-length
1052
cf-bgj
imgq:100,h2pri
last-modified
Wed, 13 Jul 2022 10:56:19 GMT
server
cloudflare
etag
"62cea4d3-45a"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7f6f547519561e31-FRA
expires
Thu, 14 Sep 2023 06:20:07 GMT
angry.gif
cdn.lihkg.com/assets/faces/normal/ 		164 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lihkg.com/assets/faces/normal/angry.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34e241f1a6ebfdffcfcbfc288d5dc00ba2c7ee85d73cd9a6179b3337b6376872
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
2142408
cf-polished
origFmt=gif, origSize=173
content-disposition
inline; filename="angry.webp"
alt-svc
h3=":443"; ma=86400
content-length
164
cf-bgj
imgq:100,h2pri
last-modified
Wed, 13 Jul 2022 10:56:19 GMT
server
cloudflare
etag
"62cea4d3-ad"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7f6f547519571e31-FRA
expires
Thu, 14 Sep 2023 06:20:07 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PPY9Z37CCJ&cid=433030508.1692080408&gtm=45je3890&aip=1&z=95076843
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
category
lihkg.com/api_v2/thread/ 		63 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lihkg.com/api_v2/thread/category?cat_id=19&page=1&count=60
Requested by
Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f13d6ca962d08b188c15b5f7e9c6c299f403491b8177670a70ceb978575d7c9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
X-LI-LOAD-TIME
5.2760571
Referer
https://lihkg.com/thread/3470022/page/3?ref=web&post=6
accept-language
de-DE,de;q=0.9
X-LI-DEVICE-TYPE
browser
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
X-LI-DEVICE
a845df8a46a7c35622ca7e2564ea9b55a6d222d8

Response headers

date
Tue, 15 Aug 2023 06:20:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/json;charset=utf-8
li-node
AWS8
cf-ray
7f6f5475295d1e31-FRA
alt-svc
h3=":443"; ma=86400
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-aa04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 16 Aug 2023 06:20:07 GMT
asyncspc.php
adv.lihkg.com/www/delivery/ 		417 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adv.lihkg.com/www/delivery/asyncspc.php?zones=9&prefix=revive-0-&target=_blank&prebid=1&platform=web&theme=light&cat-id=19&sub-cat-id=0&hot=1&adu=0&member=0&loc=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F3
Requested by
Host: adv.lihkg.com
URL: https://adv.lihkg.com/www/delivery/asyncjs.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb19fdd06855efd51742e0080757c085793fd07b0753262b3bae14b960275cb5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://lihkg.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-turbo-charged-by
LiteSpeed
cf-ray
7f6f547549791e31-FRA
expires
0
prebid7.51.0.js
pb.lihkg.com/js/ Frame 7E90 		251 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pb.lihkg.com/js/prebid7.51.0.js
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e9e9483dc8972e01d5f55bbade4cb00f0ad629dc73e7cfd1224ed2496108cc6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
6985246
cf-polished
origSize=257341
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 26 May 2023 09:44:34 GMT
server
cloudflare
etag
W/"3ed3d-18857721436"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
cf-ray
7f6f547559881e31-FRA
expires
Thu, 14 Sep 2023 06:20:07 GMT
prebid7.51.0.js
pb.lihkg.com/js/ Frame 7112 		251 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pb.lihkg.com/js/prebid7.51.0.js
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e9e9483dc8972e01d5f55bbade4cb00f0ad629dc73e7cfd1224ed2496108cc6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
6985246
cf-polished
origSize=257341
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 26 May 2023 09:44:34 GMT
server
cloudflare
etag
W/"3ed3d-18857721436"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
cf-ray
7f6f547559891e31-FRA
expires
Thu, 14 Sep 2023 06:20:07 GMT
prebid7.51.0.js
pb.lihkg.com/js/ Frame 420A 		251 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pb.lihkg.com/js/prebid7.51.0.js
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e9e9483dc8972e01d5f55bbade4cb00f0ad629dc73e7cfd1224ed2496108cc6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
6985246
cf-polished
origSize=257341
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 26 May 2023 09:44:34 GMT
server
cloudflare
etag
W/"3ed3d-18857721436"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
cf-ray
7f6f5475598c1e31-FRA
expires
Thu, 14 Sep 2023 06:20:07 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L8WS4GS6YR&gtm=45je3890&_p=1772006471&cid=433030508.1692080408&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2Fthread%2F3470022%2F&sid=1692080407&sct=1&seg=0&dl=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F3&dt=%233470022%23%E4%BB%8A%E6%97%A5%E4%BF%BE%E5%80%8B%E8%81%B7%E5%93%A1%E5%8F%AB%E6%88%91%E5%8E%BB%E7%9F%B3%E9%96%80%E6%8B%8E%E5%AD%B8%E7%94%9F%E8%AD%89&en=page_view&_fv=1&_ss=1&_ee=1&upn.darkMode=1&upn.splitMode=1&upn.staticIcons=0&upn.limitContainerSize=1&upn.isLoggedIn=0&upn.officeMode=0&upn.fakeOfficeMode=0&up.cat_id_19_thread_id=3470022&up.thread_id=3470022
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-L8WS4GS6YR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lihkg.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
prebid.ad.smaato.net/oapi/ Frame 7E90 		0
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.32.81.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-81-34.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pb.lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 15 Aug 2023 06:20:08 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin
https://pb.lihkg.com
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
2aa61aaa-f65d-c517-0966-fad4ef763317
prebid
prebid.ad.smaato.net/oapi/ Frame 7E90 		0
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.32.81.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-81-34.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pb.lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 15 Aug 2023 06:20:08 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin
https://pb.lihkg.com
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
ccce67bc-9ae5-3049-769d-9c4217fa427d
header
hb.aralego.com/ Frame 7E90 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772A2EBB6B843764FB988777722AD229&tdid=&schain=&fp=0.03&eids=&pubcid=1f9ec9c3-da21-455a-ab7c-3b67ef6415de&u=https%3A%2F%2Flihkg.com%2F&host=lihkg.com&ao=https%3A%2F%2Flihkg.com&w=336&h=280
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pb.lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pb.lihkg.com
date
Tue, 15 Aug 2023 06:20:07 GMT
access-control-allow-credentials
true
connection
close
hb
cpm.bidmyqps.xyz/ Frame 7E90 		0
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.bidmyqps.xyz/hb?zone=195139&v=1.6
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pb.lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 15 Aug 2023 06:20:08 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://pb.lihkg.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
0
apnet
gocm.c.appier.net/ Frame 7E90
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
0
0
header
hb.aralego.com/ Frame 7112 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772A2EBB6B843764FB988777722AD229&tdid=&schain=&fp=0.03&eids=&pubcid=1f9ec9c3-da21-455a-ab7c-3b67ef6415de&u=https%3A%2F%2Flihkg.com%2F&host=lihkg.com&ao=https%3A%2F%2Flihkg.com&w=336&h=280
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pb.lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pb.lihkg.com
date
Tue, 15 Aug 2023 06:20:07 GMT
access-control-allow-credentials
true
connection
close
prebid
prebid.ad.smaato.net/oapi/ Frame 7112 		0
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.32.81.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-81-34.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pb.lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 15 Aug 2023 06:20:08 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin
https://pb.lihkg.com
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
4cfe15e8-1f5a-a97f-cbf8-1b1447b4bd8b
prebid
prebid.ad.smaato.net/oapi/ Frame 7112 		0
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.32.81.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-81-34.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pb.lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 15 Aug 2023 06:20:08 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin
https://pb.lihkg.com
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
10abaec0-1884-7c8d-c88f-194d7fb0d6eb
apnet
gocm.c.appier.net/ Frame 7112
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
0
0
hb
cpm.bidmyqps.xyz/ Frame 7112 		0
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.bidmyqps.xyz/hb?zone=195139&v=1.6
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pb.lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 15 Aug 2023 06:20:07 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://pb.lihkg.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
0
cookie.js
partner.googleadservices.com/gampad/ 		385 B
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=lihkg.com&callback=_gfp_s_&client=ca-pub-3240616428100660
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3240616428100660&plah=lihkg.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc23ad240914cb58e6f6aed5c1110cdc54d7b903255d03bda85017e43e29d195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
247
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7DD8 		430 B
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3240616428100660&output=html&h=250&slotname=9808563034&adk=532204820&adf=386049263&pi=t.ma~as.9808563034&w=320&lmt=1692073208&format=320x250&url=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F3&region=16920804077754695&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080407834&bpp=3&bdt=1069&idt=203&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&correlator=1614981858246&frm=20&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080408&ga_hid=1772006471&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077088%2C44795921%2C44796632%2C44799571&oid=2&pvsid=842651503506098&tmod=2018204529&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OO7Im7g5FI&p=https%3A//lihkg.com&dtd=224
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3240616428100660&plah=lihkg.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f3f5ab77023fa556dbdcb6551c9afde7c9ac733328d50d359e34ecefc66ac0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
207
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 06:20:08 GMT
expires
Tue, 15 Aug 2023 06:20:08 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3240616428100660&plah=lihkg.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d3e37bf59e7d193b7c0699c5b338ba747737bc513f209e5447b6274fad653bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11596
x-xss-protection
0
flurry
pb.lihkg.com/ Frame 30D1
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=250&slotname=9106605872%2F5521398132&adk=3524170298&adf=2689791701&pi=t.ma~as.9106605872%2F55213981_&w=32...
  • https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
1 KB
797 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3240616428100660&plah=lihkg.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fb66cda8a7f6b544f761bba57abfdadd810eece869cc49f5c4fdb97eda7271c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
110
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
7f6f5477cca81e31-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 15 Aug 2023 06:20:08 GMT
expires
Tue, 15 Aug 2023 06:50:08 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 06:20:08 GMT
location
https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 5319 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=lihkg.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 06:20:07 GMT
server
Kestrel
server-processing-duration-in-ticks
233909
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
header
hb.aralego.com/ Frame 420A 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772A2EBB6B843764FB988777722AD229&tdid=&schain=&fp=0.03&eids=&pubcid=1f9ec9c3-da21-455a-ab7c-3b67ef6415de&u=https%3A%2F%2Flihkg.com%2F&host=lihkg.com&ao=https%3A%2F%2Flihkg.com&w=336&h=280
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pb.lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pb.lihkg.com
date
Tue, 15 Aug 2023 06:20:07 GMT
access-control-allow-credentials
true
connection
close
prebid
prebid.ad.smaato.net/oapi/ Frame 420A 		0
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.32.81.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-81-34.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pb.lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 15 Aug 2023 06:20:08 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin
https://pb.lihkg.com
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
38a140f3-0385-1d29-329d-c819ccb83e56
prebid
prebid.ad.smaato.net/oapi/ Frame 420A 		0
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.32.81.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-81-34.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pb.lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 15 Aug 2023 06:20:08 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin
https://pb.lihkg.com
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
420458b3-2179-b993-7230-1ae52b9aaff7
hb
cpm.bidmyqps.xyz/ Frame 420A 		0
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.bidmyqps.xyz/hb?zone=195139&v=1.6
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pb.lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 15 Aug 2023 06:20:08 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://pb.lihkg.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
0
apnet
gocm.c.appier.net/ Frame 420A
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
0
0
flurry
pb.lihkg.com/ Frame F99C
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=250&slotname=9106605872%2F5521398132&adk=3524170298&adf=1425298232&pi=t.ma~as.9106605872%2F55213981_&w=32...
  • https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
1 KB
797 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3240616428100660&plah=lihkg.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fb66cda8a7f6b544f761bba57abfdadd810eece869cc49f5c4fdb97eda7271c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
110
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
7f6f5479bf001e31-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 15 Aug 2023 06:20:08 GMT
expires
Tue, 15 Aug 2023 06:50:08 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 06:20:08 GMT
location
https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
lg.php
adv.lihkg.com/www/delivery/ 		43 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adv.lihkg.com/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=9&loc=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F3&cb=0101f5fb84
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
7f6f5476cb271e31-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame 46AE 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3240616428100660&output=html&adk=1812271804&adf=3025194257&lmt=1692073208&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F3&ea=0&region=16920804077754695&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080407853&bpp=2&bdt=1088&idt=268&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250&nras=1&correlator=1614981858246&frm=20&pv=1&ga_vid=433030508.1692080408&ga_sid=1692080408&ga_hid=1772006471&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077088%2C44795921%2C44796632%2C44799571&oid=2&pvsid=842651503506098&tmod=2018204529&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=280
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3240616428100660&plah=lihkg.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 06:20:08 GMT
expires
Tue, 15 Aug 2023 06:20:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=loader&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=loader&ign=false&pw=1600&ph=1200&x=0&y=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3240616428100660&plah=lihkg.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 15 Aug 2023 06:20:08 GMT
sid
mug.criteo.com/ Frame 5319
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=lihkg.com&sn=ChromeSyncframe&so=0&topUrl=lihkg.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=KRVQ_nxGeWtzdUQvVG9nQ2VrQktsT0lYL3pHYkdTSFQ0NlhRYy8ydXkzNkFGbFJCQk95YSs0ZWJ2TnBFWFVuMDJPL1BIUjZLRUNITWdJTUczdjZQZTB0RFBtSWl0czNzbEpiNGJkMGR1R2JRWE5JcUcyZmZQZDVIb09UcE...
419 B
647 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=KRVQ_nxGeWtzdUQvVG9nQ2VrQktsT0lYL3pHYkdTSFQ0NlhRYy8ydXkzNkFGbFJCQk95YSs0ZWJ2TnBFWFVuMDJPL1BIUjZLRUNITWdJTUczdjZQZTB0RFBtSWl0czNzbEpiNGJkMGR1R2JRWE5JcUcyZmZQZDVIb09UcEMzM09iQXN6dEIrNklzWjZ0V0ZObTZ3MUF3L3c2Vjhaa1gzVTJodStNWVJSWmRjVnJyMHJIQnpnandjeFNPTFpHa2dXTE1lT3AzbVNuOTJyWDVwdHBQWHZaRVM4NjRURG9lUUVzUlhjOEMzV2hURXQ2VlBZUUFQbEJ5aHRGbEpCQUJtdHI0N1U5SEJkTUlpK3V1Q2EzUnVqRnV5N0pUUT09fA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
54d2e7e97df5334b33b98523847b7d2d8db895fd256ca3459ecc543cc15e6e67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1121948
expires
0

Redirect headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=KRVQ_nxGeWtzdUQvVG9nQ2VrQktsT0lYL3pHYkdTSFQ0NlhRYy8ydXkzNkFGbFJCQk95YSs0ZWJ2TnBFWFVuMDJPL1BIUjZLRUNITWdJTUczdjZQZTB0RFBtSWl0czNzbEpiNGJkMGR1R2JRWE5JcUcyZmZQZDVIb09UcEMzM09iQXN6dEIrNklzWjZ0V0ZObTZ3MUF3L3c2Vjhaa1gzVTJodStNWVJSWmRjVnJyMHJIQnpnandjeFNPTFpHa2dXTE1lT3AzbVNuOTJyWDVwdHBQWHZaRVM4NjRURG9lUUVzUlhjOEMzV2hURXQ2VlBZUUFQbEJ5aHRGbEpCQUJtdHI0N1U5SEJkTUlpK3V1Q2EzUnVqRnV5N0pUUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
266660
content-length
0
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9C00 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5148
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 04:54:20 GMT
expires
Wed, 14 Aug 2024 04:54:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3917 		831 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3513954423d5cc0e06dd8a6d367f6cd0c4dcbf285c080d12cc1b2f476e52210d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DLajHnVTx_VI-qSVRPnIfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
533
content-security-policy
script-src 'report-sample' 'nonce-DLajHnVTx_VI-qSVRPnIfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 06:20:08 GMT
expires
Tue, 15 Aug 2023 06:20:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
flurry6.css
pb.lihkg.com/css/ Frame 30D1 		2 KB
949 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pb.lihkg.com/css/flurry6.css?v=5
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8543eee7ce49564643fa813ae7f87accf93f9a845c8c14aa0eb75c93ec0174bb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1325735
cf-polished
origSize=2441
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 26 May 2023 10:34:44 GMT
server
cloudflare
etag
W/"989-18857a00520"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=2592000
cf-ray
7f6f54784d211e31-FRA
expires
Thu, 14 Sep 2023 06:20:08 GMT
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 9C00 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:00:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
65995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Aug 2024 12:00:13 GMT
native.js
s.yimg.com/dy/ads/ Frame 30D1 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
Q8PDK4ES78J89DPJ
age
384
x-amz-server-side-encryption
AES256
x-amz-id-2
G+bkLxXv/P6KpSaTbLDbehoQSpJ9qYj29PHvZ7h2WqCgNxIJpyq7T15+LUQWqrraxHbP8DsVJvc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Feb 2023 17:58:02 GMT
server
ATS
etag
"1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
accept-ranges
bytes
sodar
pagead2.googlesyndication.com/pagead/ Frame 3917 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230810&jk=842651503506098&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 30D1 		239 B
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=af0df10b-65bf-42ae-9b7f-1a1dc9396bb1&apiKey=3HZV7WJSJ82YGVYV89M4&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fpb.lihkg.com%2Fflurry&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
o2.ycpi.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
3aaebb44fa7aff9f07c039c9678ca52b7a5277c15af947834950663fa31b5da5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
date
Tue, 15 Aug 2023 06:20:08 GMT
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
x-envoy-upstream-service-time
8
x-xss-protection
1; mode=block
x-request-id
39431920-2c7f-49a4-a342-37ab31145719
b
geo.yahoo.com/ Frame 30D1 		43 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:08 GMT
strict-transport-security
max-age=31536000
server
ATS
age
0
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
1
content-length
43
generate_204
tpc.googlesyndication.com/ Frame 9C00 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?uNiqxQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
flurry6.css
pb.lihkg.com/css/ Frame F99C 		2 KB
949 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pb.lihkg.com/css/flurry6.css?v=5
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8543eee7ce49564643fa813ae7f87accf93f9a845c8c14aa0eb75c93ec0174bb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1325735
cf-polished
origSize=2441
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 26 May 2023 10:34:44 GMT
server
cloudflare
etag
W/"989-18857a00520"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=2592000
cf-ray
7f6f547ac81e1e31-FRA
expires
Thu, 14 Sep 2023 06:20:08 GMT
native.js
s.yimg.com/dy/ads/ Frame F99C 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
Q8PDK4ES78J89DPJ
age
384
x-amz-server-side-encryption
AES256
x-amz-id-2
G+bkLxXv/P6KpSaTbLDbehoQSpJ9qYj29PHvZ7h2WqCgNxIJpyq7T15+LUQWqrraxHbP8DsVJvc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Feb 2023 17:58:02 GMT
server
ATS
etag
"1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
accept-ranges
bytes
ads
securepubads.g.doubleclick.net/gampad/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=842651503506098&correlator=2041704488492378&eid=31076868%2C44780989%2C31076770&output=ldjh&gdfp_req=1&vrg=202308080102&ptt=17&impl=fif&iu_parts=244621734%2Cprebid-post&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&abxe=1&dt=1692080408867&lmt=1692073208&adxs=619&adys=480&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F3&frm=20&vis=1&psz=336x254&msz=336x0&fws=4&ohw=336&ga_vid=433030508.1692080408&ga_sid=1692080408&ga_hid=1772006471&ga_fc=true&dlt=1692080406765&idt=629&prev_scp=theme%3Dlight%26platform%3Dmobile-web%26is_mobile%3D1%26category_id%3D19%26is_adu%3D0%26is_hot%3D1%26is_member%3D1&adks=2803775594
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bba98ad69528680c4ffb033d3308d94c6b621fb798b2107a048c8bd441a63a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29758
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://lihkg.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 093B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 06:20:08 GMT
expires
Wed, 14 Aug 2024 06:20:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
smj
pb.lihkg.com/ Frame 6059 		1022 B
659 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.lihkg.com/smj?theme=light&passback=1&platform=mobile-web&is_mobile=1
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
846ab283855ddafc646f26a469d6c6c1b5a1f59f5d90ca195001e6a9ba943a43
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
934
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
7f6f547b89041e31-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 15 Aug 2023 06:20:08 GMT
expires
Tue, 15 Aug 2023 06:50:08 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
b
geo.yahoo.com/ Frame F99C 		43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:08 GMT
strict-transport-security
max-age=31536000
server
ATS
age
0
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
0
content-length
43
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame F99C 		239 B
311 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=af0df10b-65bf-42ae-9b7f-1a1dc9396bb1&apiKey=3HZV7WJSJ82YGVYV89M4&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fpb.lihkg.com%2Fflurry&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
o2.ycpi.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
3aaebb44fa7aff9f07c039c9678ca52b7a5277c15af947834950663fa31b5da5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
date
Tue, 15 Aug 2023 06:20:08 GMT
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
x-envoy-upstream-service-time
7
x-xss-protection
1; mode=block
x-request-id
24b32373-8a64-4f07-a169-7bedeec5f0e0
ysm_lihkg.js
ad.sitemaji.com/ Frame 6059 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_lihkg.js
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/smj?theme=light&passback=1&platform=mobile-web&is_mobile=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
13f8092344fdfa408598d877884fd5cbb8d0b15009a84edd1e63ab2a351d82b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 01:30:19 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 31 Jul 2023 09:23:53 GMT
server
nginx/1.12.1 (Ubuntu)
age
17389
etag
W/"64c77da9-547b"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6865
expires
Wed, 16 Aug 2023 01:30:19 GMT
smj
pb.lihkg.com/ Frame 695E 		1022 B
659 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.lihkg.com/smj?theme=light&passback=1&platform=mobile-web&is_mobile=1
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
846ab283855ddafc646f26a469d6c6c1b5a1f59f5d90ca195001e6a9ba943a43
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
935
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
7f6f547c39b81e31-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 15 Aug 2023 06:20:09 GMT
expires
Tue, 15 Aug 2023 06:50:09 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 7E90 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
172d0e01dfabdf44d60ea049275cd330ff500b05736112fd69f4bcd25ceb2be8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50806
x-xss-protection
0
server
cafe
etag
1422444058213314359
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 15 Aug 2023 06:20:09 GMT
native.js
s.yimg.com/dy/ads/ Frame 6059 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_lihkg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
Q8PDK4ES78J89DPJ
age
385
x-amz-server-side-encryption
AES256
x-amz-id-2
G+bkLxXv/P6KpSaTbLDbehoQSpJ9qYj29PHvZ7h2WqCgNxIJpyq7T15+LUQWqrraxHbP8DsVJvc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Feb 2023 17:58:02 GMT
server
ATS
etag
"1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
accept-ranges
bytes
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 7112 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eff08ea1c026782b219ae2d21e0f828037b54dd3783a034dafc4edecf532c5e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50808
x-xss-protection
0
server
cafe
etag
14457907086220056209
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 15 Aug 2023 06:20:09 GMT
ysm_lihkg.js
ad.sitemaji.com/ Frame 695E 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_lihkg.js
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/smj?theme=light&passback=1&platform=mobile-web&is_mobile=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
13f8092344fdfa408598d877884fd5cbb8d0b15009a84edd1e63ab2a351d82b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 01:30:19 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 31 Jul 2023 09:23:53 GMT
server
nginx/1.12.1 (Ubuntu)
age
17390
etag
W/"64c77da9-547b"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6865
expires
Wed, 16 Aug 2023 01:30:19 GMT
native.js
s.yimg.com/dy/ads/ Frame 695E 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_lihkg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
Q8PDK4ES78J89DPJ
age
385
x-amz-server-side-encryption
AES256
x-amz-id-2
G+bkLxXv/P6KpSaTbLDbehoQSpJ9qYj29PHvZ7h2WqCgNxIJpyq7T15+LUQWqrraxHbP8DsVJvc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Feb 2023 17:58:02 GMT
server
ATS
etag
"1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
accept-ranges
bytes
b
geo.yahoo.com/ Frame 6059 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:09 GMT
strict-transport-security
max-age=31536000
server
ATS
age
0
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
0
content-length
43
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 6059 		298 B
366 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=f27d7e47-185c-4971-bf95-a921d0a0975a&apiKey=8Z7TZ5MDPJ4WQK8Y68JB&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fsunflyday.com%2F&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
o2.ycpi.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
a2071a6dd4e4dc556c647ef2614dca9d7bb5c5aa37cf13e5c23bfb0dc468e849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
date
Tue, 15 Aug 2023 06:20:08 GMT
server
ATS
age
1
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
x-envoy-upstream-service-time
16
x-xss-protection
1; mode=block
x-request-id
ce5ff626-247a-4c5c-a7d2-11024048af44
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 420A 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
391c0c693d9b148ff971e70c20aa43085a97025df7da49c502b6b1cc0110a884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50809
x-xss-protection
0
server
cafe
etag
821895342487559518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 15 Aug 2023 06:20:09 GMT
b
geo.yahoo.com/ Frame 695E 		43 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:09 GMT
strict-transport-security
max-age=31536000
server
ATS
age
0
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
0
content-length
43
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 695E 		298 B
337 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=22c87bdb-f382-4ab8-b1fd-a16065b11ad0&apiKey=8Z7TZ5MDPJ4WQK8Y68JB&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fsunflyday.com%2F&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
o2.ycpi.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
d531ee353b2e628d0735cacda425a3000ab2da5481ea441980a576896e6bd427
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
date
Tue, 15 Aug 2023 06:20:08 GMT
server
ATS
age
1
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
x-envoy-upstream-service-time
16
x-xss-protection
1; mode=block
x-request-id
acf1274d-3c66-408b-8696-7a6b3dc2aa3e
container.html
0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3385 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 06:20:08 GMT
expires
Wed, 14 Aug 2024 06:20:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-PPY9Z37CCJ&gtm=45je3890&_p=1772006471&cid=433030508.1692080408&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1692080407&sct=1&seg=0&dl=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F3%3Fref%3Dweb%26post%3D6&dt=%233470022%23%E4%BB%8A%E6%97%A5%E4%BF%BE%E5%80%8B%E8%81%B7%E5%93%A1%E5%8F%AB%E6%88%91%E5%8E%BB%E7%9F%B3%E9%96%80%E6%8B%8E%E5%AD%B8%E7%94%9F%E8%AD%89&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PPY9Z37CCJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lihkg.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ Frame 7E90 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com&bust=31076964
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
194232aeba5b09569566b357606b6941d22480926aa76c53445e8fcdf2b9c527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128231
x-xss-protection
0
server
cafe
etag
17822228781122720278
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 15 Aug 2023 06:20:09 GMT
loader.js
cdn.taboola.com/libtrc/palmate-lihkg/ Frame 6059 		254 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_lihkg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34a2285b821bfc7097678bd1ff47e8c5ba68180ba96ed4acef1edd8cbfadef92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
5C55IDEk_P5nWtVjzftrVJF0rT3qIyuS
content-encoding
gzip
via
1.1 varnish
date
Tue, 15 Aug 2023 06:20:09 GMT
x-amz-request-id
PWT9Z7SCHM4DYTZ1
age
7
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
47201
x-amz-id-2
PfnJ3FKCgJL8xPOkIANv+MHknIr+iZuDudCUjfobAdM42jphHyIMbDlEQpU58DXUNZZxr5YPSN0=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Mon, 14 Aug 2023 10:16:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692080409.242041,VS0,VE1
etag
"7939be390214833ca9c058e9387f81f2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
99
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame 3385 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite_fy2021.js
Requested by
Host: 0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
URL: https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 14:30:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
57003
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9094
x-xss-protection
0
server
cafe
etag
8732331910907961498
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 14:30:06 GMT
css
fonts.googleapis.com/ Frame 3385 		8 KB
846 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
URL: https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 15 Aug 2023 06:20:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 04:30:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Aug 2023 06:20:09 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 3385 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css
Requested by
Host: 0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
URL: https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:22:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
514684
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 10:38:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Aug 2024 07:22:05 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 3385 		368 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Requested by
Host: 0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
URL: https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 18:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
561430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130842
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 10:38:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Aug 2024 18:22:59 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 3385 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
URL: https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 14:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
57016
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 14:29:53 GMT
l
www.google.com/ads/measurement/ Frame 3385 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQaX4v1VOriprXMCpbmLEJuRncWxRtXKDSmylaXnF-WDkW_FvX7FvQOKyN8hx8h7cd9SMFsyWYoQPBwtFG4C3fpu4qkig
Requested by
Host: 0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
URL: https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
loader.js
cdn.taboola.com/libtrc/palmate-lihkg/ Frame 695E 		254 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_lihkg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9147eaf3803b91c546847ca562415276065ea2ea761f1c42c0aa4b7ca555511d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
5C55IDEk_P5nWtVjzftrVJF0rT3qIyuS
content-encoding
gzip
via
1.1 varnish
date
Tue, 15 Aug 2023 06:20:09 GMT
x-amz-request-id
183KE77BWJ4ZBB1T
age
8995
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
7
x-amz-replication-status
FAILED
content-length
47597
x-amz-id-2
f7Ae+yLaXFijjEoFZST4vIv9c7i75RVO0eiQelW9X2uOFRiJkDDAX/kho/Nkp0FKx/dRM4GwbKY=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Mon, 14 Aug 2023 21:50:21 UTC
server
nginx
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692080409.242022,VS0,VE1
etag
"8ed1fe4724466d28479ae0bbc141d46f28883658"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
29
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/ Frame 7112 		372 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4268bfeca5bde7a2f43712c2cc4f7d5060593d6cc3c01c7fa8c2737aff17a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128453
x-xss-protection
0
server
cafe
etag
14087760370527978320
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 15 Aug 2023 06:20:09 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/ Frame 420A 		372 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7293d779f2ea16e6cf92e5b6b59a926ce160dbe2a60f995e471fe4295aba4864
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128451
x-xss-protection
0
server
cafe
etag
12187215011864448124
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 15 Aug 2023 06:20:09 GMT
smj
pb.lihkg.com/ Frame 2D5B 		1022 B
658 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.lihkg.com/smj?theme=light&is_mobile=1
Requested by
Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
846ab283855ddafc646f26a469d6c6c1b5a1f59f5d90ca195001e6a9ba943a43
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
110
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
7f6f547e1bde1e31-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 15 Aug 2023 06:20:09 GMT
expires
Tue, 15 Aug 2023 06:50:09 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
impl.20230814-2-RELEASE.js
cdn.taboola.com/libtrc/ Frame 6059 		799 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230814-2-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
0d1cb4b0238ec323a99cb8f9f53371f65403f15d700d0b439c63e55dd500e9b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
qNuTXeo5afW_RmIYO47oxPsajPNu7EXi
content-encoding
br
via
1.1 varnish
date
Tue, 15 Aug 2023 06:20:09 GMT
x-amz-request-id
F0RTGJK91RPAC6HV
age
17112
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
169124
x-amz-id-2
7HdCjond6cBzwM4zLEtJk1g5WDc5fM6U2PixSYAA1HAEAQmU2AcTxs4D5fqviMoFFHxWZSxopJg=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Mon, 14 Aug 2023 09:34:56 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692080409.310050,VS0,VE0
etag
"6675b33efe6d09617005e09bb61f34c0"
vary
Accept-Encoding
content-type
application/javascript
abp
10
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
30451
impl.20230814-2-RELEASE.js
cdn.taboola.com/libtrc/ Frame 695E 		799 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230814-2-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
0d1cb4b0238ec323a99cb8f9f53371f65403f15d700d0b439c63e55dd500e9b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
qNuTXeo5afW_RmIYO47oxPsajPNu7EXi
content-encoding
br
via
1.1 varnish
date
Tue, 15 Aug 2023 06:20:09 GMT
x-amz-request-id
F0RTGJK91RPAC6HV
age
17112
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
169124
x-amz-id-2
7HdCjond6cBzwM4zLEtJk1g5WDc5fM6U2PixSYAA1HAEAQmU2AcTxs4D5fqviMoFFHxWZSxopJg=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Mon, 14 Aug 2023 09:34:56 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692080409.325158,VS0,VE0
etag
"6675b33efe6d09617005e09bb61f34c0"
vary
Accept-Encoding
content-type
application/javascript
abp
6
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
30452
ysm_lihkg.js
ad.sitemaji.com/ Frame 2D5B 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_lihkg.js
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/smj?theme=light&is_mobile=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
13f8092344fdfa408598d877884fd5cbb8d0b15009a84edd1e63ab2a351d82b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 02:38:15 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 31 Jul 2023 09:23:53 GMT
server
nginx/1.12.1 (Ubuntu)
age
13314
etag
W/"64c77da9-547b"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6865
expires
Wed, 16 Aug 2023 02:38:15 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 7E90 		12 B
100 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=pb.lihkg.com&callback=_gfp_s_&client=ca-pub-1983042674979462&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com&bust=31076964
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A19E 		46 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409014&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409174&bpp=3&bdt=1290&idt=210&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=259005268492&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080409&ga_hid=202743654&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076836%2C31076964%2C44799571%2C44789816%2C21065724&oid=2&pvsid=4327037523449845&tmod=1074106898&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tdjs3rj8l6j3&fsb=1&dtd=222
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com&bust=31076964
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad000b54cf104b080eaf6ad565a3da7322a1a25ac98fe818dce338be0300ca07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pb.lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16813
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 06:20:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7E90 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com&bust=31076964
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
726caa23f6d0c48bf34867d3076f7b69d0b69ba0c7a5e3dd6ec7339a3192047c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11606
x-xss-protection
0
native.js
s.yimg.com/dy/ads/ Frame 2D5B 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_lihkg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
Q8PDK4ES78J89DPJ
age
385
x-amz-server-side-encryption
AES256
x-amz-id-2
G+bkLxXv/P6KpSaTbLDbehoQSpJ9qYj29PHvZ7h2WqCgNxIJpyq7T15+LUQWqrraxHbP8DsVJvc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Feb 2023 17:58:02 GMT
server
ATS
etag
"1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
accept-ranges
bytes
csi
csi.gstatic.com/ Frame 3385 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~llbwzjv6&c=5021897222359&slotId=2510948611179.5&qqid=CK3Y0d2C3oADFQLA3god3T8LuA&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1004::78 Fort Worth, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3385 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 11:08:17 GMT
x-content-type-options
nosniff
age
241912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:08:17 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3385 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 22:08:16 GMT
x-content-type-options
nosniff
age
461513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Aug 2024 22:08:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3385 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CxZlrGBnbZK3sN4KA-wbd_6zAC5z7wM9xuJid9eoRv-iivcABEAEgxqWvPGCVgoCAsAfIAQWpAgk1wegDTrI-qAMByAObBKoEhwJP0BOIYBM9A9SrXuYpk1IKsxf1aeb5Q9_PbBvHlP9SAS8v2CwxQxbeenJOx95d-EOJKEClnzS8BIsTGdh8XtdbLZzvdC8QQ1-goU4f4wHP7sqzsKT6z6myEvRNED4Vlc-N2op00hYGMPhNhW07EgkJNRcg8JXAJeyaPbP0t6E6HMR4IfPo-Mg9dNFdDSALOrUcwi7xTfqgWPiADKNCdpOMGRJ2Y23RHwyZi0OU4pcmnbdPicivkP2nVIt7J2BK4lswQB7Iif8eDb9AnIEaQPi4JpITiTRUVs2bwYTlsOP-CK80HA5higIZWZvdFkV8f3CQSukuXl94uQ1tGGxWl2KM1Jdhd8GT_MAEq_f2wLAE4AQDkAYBoAZOgAfPv8FnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAgqBgoEw7CxAqoNAkRFyA0BsBOYwY0UyBPu-YzjA9ATANgTCogUBtgUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1692080409442&ai=CxZlrGBnbZK3sN4KA-wbd_6zAC5z7wM9xuJid9eoRv-iivcABEAEgxqWvPGCVgoCAsAfIAQWpAgk1wegDTrI-qAMByAObBKoEhwJP0BOIYBM9A9SrXuYpk1IKsxf1aeb5Q9_PbBvHlP9SAS8v2CwxQxbeenJOx95d-EOJKEClnzS8BIsTGdh8XtdbLZzvdC8QQ1-goU4f4wHP7sqzsKT6z6myEvRNED4Vlc-N2op00hYGMPhNhW07EgkJNRcg8JXAJeyaPbP0t6E6HMR4IfPo-Mg9dNFdDSALOrUcwi7xTfqgWPiADKNCdpOMGRJ2Y23RHwyZi0OU4pcmnbdPicivkP2nVIt7J2BK4lswQB7Iif8eDb9AnIEaQPi4JpITiTRUVs2bwYTlsOP-CK80HA5higIZWZvdFkV8f3CQSukuXl94uQ1tGGxWl2KM1Jdhd8GT_MAEq_f2wLAE4AQDkAYBoAZOgAfPv8FnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAgqBgoEw7CxAqoNAkRFyA0BsBOYwY0UyBPu-YzjA9ATANgTCogUBtgUAdAVAfgWAYAXAegXBQ
Requested by
Host: 0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
URL: https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 3385 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~llbwzjvn&c=5021897222359&slotId=2510948611179.5&qqid=CK3Y0d2C3oADFQLA3god3T8LuA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.ge&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1004::78 Fort Worth, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 3385 		27 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CrCld01y3NhjU9XxfGZd04JI6BjuLxPSrEQaVrFA7h9PiAH4FbNOlW8M28VMZCx5PXhuzY4UWti0s9y2MePsVfs6jWVw&dbm_d=AKAmf-DiT--PUy6O61kabWmna7K5lBGR5cFwHKjefhTzBGtRw5kpYu-ycjhXpRrMtMKMjaPpNIPZ7-eXhCTqYLXJNvc0UfmkZbnvks-BMCVLPu9vGODuWQT7tfXq-rfKWHB1AkdWUERAu7wPKOxmFpKU29PPY5vPuxWMtLYBq1QgG8PrxP96CerxpSc6ChsREcuw9V2CYd2NTi31tP8mvVYDaM_pzzEIAtZeEy21yGoV7Yz0tm_3UsaNf85tfUDpfx8igWkdEBVt2mqFDv4QIwPuTOLUHcCIUmOz0hh587Or1lEHCiz-QEmQd-OJz0YAEjGpnYpP3kimdp3KN1WMZYToXIGYfM0KWyTbQ3Z8ADe0XwsUsB9Ia060o4mkSRFFtz55QOkvTcNh2qEvdP0AaoumVRlIBjjk61KX_Lq8-A4slg0yio4a1WZdBve7jh-ZATaa0Zcp1wOEK7wYljxi0I3yNxuZvrb10WmNaZjpsOn0FaqtPILcLS3bcJ3UI2cjo5EJsGNpkIMqb5PaZDODYuPKNbKPuiRWjc4mq_bKsROXtcyZEkWbmBMHXxZh38XsW-mjsWalU3_AlMHkRJKDH7qChKfc_tt1EAOVlDme_ygAnqM4ZnVnMNxiLP14eEa4f1jFBFyAIyXzvbzw1oYMKMzygt6W9d4Jaa_MtqNnfGaHX-zyU2JUdpNDLgydtPVXeMj1ZSIQBwxsuzu7f3opcvGawga-DRF0kcpWVUwb3CfXurl4yK7m_tZ152wgjAlbZAUveoTVYPF47PTzyyFHGRaJJBlKtt6_2bDsxXiYHD2r3og3j-jTiq3vlz-dWhvvbr0RlGNN3VFwQkhuAeYqdSnqmZaQ7ZQJb2Cmpau9kJ_ZqHhOx3lN03x5o7bh8Lrgfx9QgutqzOhf-M8W6_l3RTiYDsyYRtXJupTXZVowLdkUs9Q2gy0P9SOVwMJnP2dZqiHPX6u3aN-xL7_Gdi2i50dnWsLT-70eOeZ6JQgykG5LSfylAHzATMYjBbQxog_IyS0M89-HrHH2Squ3FoyhOgbQIlTaW2wlqgGV6ZhRT0rK5BFIBuIhPTIlgBS3__tP7IXrS8TZP5HPxb0zgiScpj_W6u8DHIcNMCIMAr8lyfUnePwBWKg9xNg0RomoyyPtqBxw9Yw7VakiymttN3HZQfW4Oj1TUnpfNlVVglBk2X2wVnATwgSyh6pJEE6RXSg4pfuhpo6LJRLkpK8wVN82UKOqUtNqp3TrkuUranO01qOuLk5YyWWMXp4ZOZfwI_jgxcKPqQL0_VujMdthp1zV0sJ524d8wFekbSncsg7FIS8FfzY0RArLhr1rfGEma54F3LtEaaBzKcBDeRbTA43Zdx93eEANlTL6aik4xMgsGXo45e9hvZHEZqNmLZ7eS1UfbE4bxVgT5lwfyaGi7uVi44HAzmCYm72Kbow_T-UR12v_M-UXGvPk9tRWnExEPxByLGQ2lmQMePxxLpCLU3YDSOavMxk_0ouaiL6RZwBRY02p2mFrLVYqchdrx3D-HZCIytWtr0H2CjpS0_VAWsGoVMkQLzfoXKHQWw2LB09OrzlLgVhtQ6Uya2af0p5GCJETKnUPyJbtE7-vx3rAynLtbkHGdRb_AeU0d7-byCMVYIaxfZ_ZrYmUTzrMf1icnL6kZJGrVvacczC4jltwtY4t8HmRrWi8QTfvDS1p-yXGAwXDLvHCRILBaFk1Gmhca-vnMq5V02WPUkD9T8tFDC9nGGn-PFRRS8u3pfaimS-DbwSgAcRKQlEGzDrhP5Eu5KMoETNvMJEyxhurRlnYDdwoivqS2Q_X0mEsOhdTVMlOaJbvfeBlGWa4I2hBCLllj5t8w182Nsy-AAkUxvcsTET8e5rfRsqM2Resb_6gBEGmuVtTFY9AkQsjFUD6ch6RH7Cv8PdMFrtXfuQShRXrVSPF8YQbKsw78OL4Q5lnW0Um4hEl-QAUrWIuCHprcbrGKervqEmbIawBlyTNsAaeuPGJZ6HT_h9wmEMpMxWp5doC_5Xb3vfpmdbflUoAJamFDpBr9ozbtTGPju9HDJbNAov0yyDH3JnI1_-J-bwRdr90vNnUMJqKFcxNaHTVG5iNE2mT2ZxFdrOpVfgz9ZJzt8JLehOJpR0mqp70CVuoPalxnm7me_5tWVfiS9SCqU-THnKSHKjIuglsddBZX2R9SOpkE8I_iDzxGkxCORpSjl0vnu89pvzuWUB0U6W_IKJ_O0kLKtTKCjPNPVcQbKOQcgFv2rvlqlW8bRN5NHBvR5M1if-DY4KadC8W8gSqBw3Z8-QjoZE_wKxI6A6dTH9qXuRMJBpqAPsoJVD4UPBGi8nNdpv91yViFXBfr8LV1ThMqyyYSkBGsrIHtB7ijog5jytiLAP_v9Uw09JaeU-GwSNbVF3m-jdlEPH9pfHIAMtvs8Y3qqEsPp9zcvVGyxDp85BGwD3KuXbVtaQbATR1YnT1lt-2HqN2hIMcPDxl2aWgHTdzGmOO7Obzu1oZc1xkCbHzm0ViLct4wI8EPIMesyfSoAQ0ni8ZCs3MefVe7qmfuhoWbIcSOmwxuGW5mnAe7XaZJ-EJ3Hlk8OfY1DrSnHD5JphYAvkOWblBvl92Txwq8NafmZUKjEE37Ud7xsV_uIbTaz8JZyG1mRqSESr1CUBi94P8ceKACh1s1KYNt6r7tI-PrSijsLZkH9KeQPHkl258qtCR3rzpuANeC1hkkAhDwYoP3qb_t6xYKJLVxSkuU5v_uJdYc05w62rhNONRC485VDqG-pz92lWUpEnAVoN99b1jSAPcHpmmkqE1EGlObwIhmyFC_1l5DSJ-I_ITvzr1VyHgnsy0attRM25YPZDHfLrwvRLcv-vG0ea22zAcArfoaVKAvqv0zNJWG7CzXSShKVWx9tZy8ydRHjLg4l23Vau_9UOgtoff0l4Dy8mtlXfFVdGtVNW6a1kS92ni5L5m0B2_p3avehJ5tooQxMI9xTf4896KC1FnAj1mlG08FlkbXp1GxsO679s_F4Z7fjtkiV1E4Q6-atNgzKZNo35h1CJ6cFbbrkGeYHb0HzmuyNzdX7L8tPbPeE8CM9g2jzpbTxnoAOq3mXOJlSgfWtoq0oAoCxKzwjEdwfJOv2dJseo2-nI_IWRsKTl8Ve-ZWtSXQBrDL1GjjlYzDkQBB3tdJQrcxhlsPmGZ3HR9loowYZSKr41yf-GR3lxm2iAywmAdVfvRUcS2AoKAIXhqp7fp1qzsPBzwjPca3iG4ilzTUooeRUZ4Ptx6aCNunMkA-WDidlqXsdlSx9nzsr75-_l7hy6hZKMysVXRghbzrjmDvUNBsnLHDTbS4NEH6EmM9WtwHdwz1NIiFL3CsnUiJkecQZfm6b4AccyvJJDS0DUCXLEkCLL1DQUgElvJRePNuLLNEAsocgdnv7_XutZ5piX6Q-dC-3TSy0CWzZiWFEpwWyCsWhUG76_EvxEPnwNBV-KJIHeZl3NTXxVPjOLV9Zn2i7UoOJ4VSJZb0lWWMCcnSKV-i_yfzFkIq3Q6C1hYwkSgsG2Z6Vdl-ne8bcVvvqPGtvo8Wdnypv7XrblfO_ixPTQFZGl-HKHz9haWT4UFO-zsbA6VU03HJINjd86IJoMX13IxLQ6BlAKmwvZGPYkpWCs8e5AjJYfY4fSz-paPAepMlaVyqndXm13ojg&cid=CAQSPABpAlJWsYKXkeLee26l99NnSWPbblckEKxb84wnMdv5_s2gvZUX_drgkxcmHF-d16LnyITMyzAsAouxSRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.71.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f156.1e100.net
Software
cafe /
Resource Hash
de3d83084cff9f7e72a946c33ae28632067e4010f71774b7ca2e085a57d64ca6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17474
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230810&jk=842651503506098&bg=!6uml6b3NAAaiGN5Pghg7ADkAdvg8WqwOvvDq4gKbn5yY1uMXH8BmziS2sLF9_X8z7h-VtIuncnORA5JoJ0C9-e9tSqJHffMtpIkCAAABbFIAAAAGaAEHmQK64XKJYpnpTqUNmJtGRznttV0WZZOnsapnEC57X1xCHYrmo2yWGGC0499ukPuM6gkDtF-HlF0Bh29Ieh6oFe6P_ZwYEAFbtlpvba-8IDjl6mKVAumjzWeYBNpDVmGDZNP_cogG7dV2upYW7HkFjkXaLWAQBFX3I2yxHh37vtf0yZb4DrwlDxTG23gtvlyF3769AzGQFcxONXszFm6mY9xY8Th4jVKtJPHsVT7O56H9h4A1OK55nZzCCTxrj5Qmk-Mn9tDMfdBy30nCCnc5ihbkM2X2fs3JmFjplMIcdeiUgLTwy_J4xCmVLhpLmLAuBn7nqK0tZVLdTJUeFz0mvhCCWfP5bLyPJD0Sx4MOSZX5kcu_U4e11WwqmV3B-gGik7lQip-RAIV55vLedRgnna2qqEG_ol4Pf3ru0In3IahMuifwt_wV0pCf1W3N7F7S1Jq0B6i8ErfX_ZSfgs0St-41BfSmjvO7H4EQrTgIlpa2lgflESeI5J9BJomYdKKcvY33QQa8AeVydJFHXsmTlga9szVsn3MVqsEsS0ytfLKBIAK_D07RHMLKcwyOzw8brYmpeJs7vdgEOFpMbzM5UhtYjf72hinGc5AfcTLEW4s6moRSwn8mGZyJuPboO-FhKrzNOrJruamA3x1y1rxetzhkpBNcaUbdg7W0jr9twPsO35l8_N-ZFT6k5cpTH9xEmjHioeluWWadHJfr8Pfb7mNKbfr-kV-R3yA8ZRE1JcfpZUmo7_Zl4Pb1Kmea6oJjQTf_vO1GWgynV_uKverTylSqmEmO5frQQ6Z4XPu2-BklpCdoCiIHGDoEzDoCHOYxwC27sBKABNtMs8kDQrBePrDkSpsWlGPow3hRrJzg_mQQKPZ6CTcYGbGGg4iVMciXaYgy8-xVIo1p5JCKWc9z1sw0wWHXh2RFZ1BQR5w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5EC1 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
URL: https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75062
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 09:29:07 GMT
etag
48472445140208031
expires
Tue, 15 Aug 2023 09:29:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7E90 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com&bust=31076964
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 15 Aug 2023 06:20:09 GMT
truncated
/ Frame 3385 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed7205ad716241cda949a47c532964e6b5f06134979dcb03da64408c0a6b778

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
cookie.js
partner.googleadservices.com/gampad/ Frame 7112 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=pb.lihkg.com&callback=_gfp_s_&client=ca-pub-1983042674979462&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0523 		46 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409032&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409246&bpp=3&bdt=1359&idt=258&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=2348983626704&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=785304189&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31076837%2C31076876%2C44799579%2C44789816&oid=2&pvsid=4231817946788915&tmod=1468571350&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.zbkmca78uwj7&fsb=1&dtd=273
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e54761a0a696cdd20582c0538cb9d794628eda277c9913b68aafd12ea72fb21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pb.lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
17290
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 06:20:10 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7112 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e08db01b910e7d8b37a2ee7353e438f1f9a1595e66e3c8c53e79f802bc51e1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11674
x-xss-protection
0
b
geo.yahoo.com/ Frame 2D5B 		43 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:09 GMT
strict-transport-security
max-age=31536000
server
ATS
age
0
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
1
content-length
43
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 2D5B 		298 B
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=f27d7e47-185c-4971-bf95-a921d0a0975a&apiKey=8Z7TZ5MDPJ4WQK8Y68JB&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fsunflyday.com%2F&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
o2.ycpi.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
a2071a6dd4e4dc556c647ef2614dca9d7bb5c5aa37cf13e5c23bfb0dc468e849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
date
Tue, 15 Aug 2023 06:20:09 GMT
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
x-envoy-upstream-service-time
14
x-xss-protection
1; mode=block
x-request-id
eab2b1d3-16e6-4419-b224-bf4cf09a9517
cookie.js
partner.googleadservices.com/gampad/ Frame 420A 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=pb.lihkg.com&callback=_gfp_s_&client=ca-pub-1983042674979462&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FCEB 		45 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409100&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409265&bpp=4&bdt=1377&idt=264&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=3916345261878&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=490264881&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44799955%2C44792012%2C44799581%2C44789816&oid=2&pvsid=964398651614398&tmod=734821863&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.haw97hvriulh&fsb=1&dtd=280
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
48073142a3807a297196002da3edf6ac1e2df6ffaebdb11135c15f372a58cd70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pb.lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16661
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 06:20:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 420A 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf04a9f13a9c040ad2a4f916303855403c3e93d7d1022066404b9324360b3d1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11744
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 5EC1
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI5F2RbVqZn7h23fRHf-jJQ&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI5F2RbVqZn7h23fRHf-jJQ&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MGY3a3B2SHoxUXZOcHY1&google_gid=CAESEI5F2RbVqZn7h23fRHf-jJQ&google_cver=1&google_push=AXcoOmS79CPhnNq1rj4cUO8xlxTBfewZuYXgqTWxmELHfyE...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MGY3a3B2SHoxUXZOcHY1&google_gid=CAESEI5F2RbVqZn7h23fRHf-jJQ&google_cver=1&google_push=AXcoOmS79CPhnNq1rj4cUO8xlxTBfewZuYXgqTWxmELHfyEv-q0HXZES-Rgab_Hhr4Hn9HtPeYSPbNVCnz0GEgKmcCugZQ9JDNcGYFQz0woybG4Cuy1FRmFNEldr8cDQV1WUeVfkYETZI1hV
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 15 Aug 2023 06:20:09 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0546ea729b64acd63@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MGY3a3B2SHoxUXZOcHY1&google_gid=CAESEI5F2RbVqZn7h23fRHf-jJQ&google_cver=1&google_push=AXcoOmS79CPhnNq1rj4cUO8xlxTBfewZuYXgqTWxmELHfyEv-q0HXZES-Rgab_Hhr4Hn9HtPeYSPbNVCnz0GEgKmcCugZQ9JDNcGYFQz0woybG4Cuy1FRmFNEldr8cDQV1WUeVfkYETZI1hV
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5EC1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKNfUDDcY06ZpxYvdE4WLEI&google_cver=1&google_push=AXcoOmTr72M5YDdsr_APVJGk3aQOI9Fa8TNesZ2Ml3ewdHr5B_mOaWjSQX-YyZfnL60NmUe1cvH17O1iLb1GCHpY...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTr72M5YDdsr_APVJGk3aQOI9Fa8TNesZ2Ml3ewdHr5B_mOaWjSQX-YyZfnL60NmUe1cvH17O1iLb1GCHpYEepVNiBmkxTySY9jzx84rgotuohC0q...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTr72M5YDdsr_APVJGk3aQOI9Fa8TNesZ2Ml3ewdHr5B_mOaWjSQX-YyZfnL60NmUe1cvH17O1iLb1GCHpYEepVNiBmkxTySY9jzx84rgotuohC0qDYsumvrdeJqK0RSNFxtiWue8xxNg
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 15 Aug 2023 06:20:09 GMT
Server
MT3 1031 59fd23a master cdg cdg-pixel-x29 config_version:"1438"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTr72M5YDdsr_APVJGk3aQOI9Fa8TNesZ2Ml3ewdHr5B_mOaWjSQX-YyZfnL60NmUe1cvH17O1iLb1GCHpYEepVNiBmkxTySY9jzx84rgotuohC0qDYsumvrdeJqK0RSNFxtiWue8xxNg
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 15 Aug 2023 06:20:08 GMT
i.match
s.tribalfusion.com/z/ Frame 5EC1
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENaTplHjfrMuhiSnh_WaHck&google_cver=1&google_push=AXcoOmQdqoSVHjoojp7Nmb8-99h6-rueQk84yXqbHImAYMTsFtzwiRk36kfNGO9b_ahl29ZkKP7V4Smi9bAyYkw7AvWAk1hq-2ofa...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENaTplHjfrMuhiSnh_WaHck&google_cver=1&google_push=AXcoOmQdqoSVHjoojp7Nmb8-99h6-rueQk84yXqbHImAYMTsFtzwiRk36kfNGO9b_ahl29ZkKP7V4Smi9bAyYkw7AvWAk1hq-2o...
43 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENaTplHjfrMuhiSnh_WaHck&google_cver=1&google_push=AXcoOmQdqoSVHjoojp7Nmb8-99h6-rueQk84yXqbHImAYMTsFtzwiRk36kfNGO9b_ahl29ZkKP7V4Smi9bAyYkw7AvWAk1hq-2ofav4WIheTE5bH-YsX1atzqGpmPlVoLGZttL5Qx3GPPrce&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQdqoSVHjoojp7Nmb8-99h6-rueQk84yXqbHImAYMTsFtzwiRk36kfNGO9b_ahl29ZkKP7V4Smi9bAyYkw7AvWAk1hq-2ofav4WIheTE5bH-YsX1atzqGpmPlVoLGZttL5Qx3GPPrce%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7f6f548268004d62-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:09 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
321
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENaTplHjfrMuhiSnh_WaHck&google_cver=1&google_push=AXcoOmQdqoSVHjoojp7Nmb8-99h6-rueQk84yXqbHImAYMTsFtzwiRk36kfNGO9b_ahl29ZkKP7V4Smi9bAyYkw7AvWAk1hq-2ofav4WIheTE5bH-YsX1atzqGpmPlVoLGZttL5Qx3GPPrce&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQdqoSVHjoojp7Nmb8-99h6-rueQk84yXqbHImAYMTsFtzwiRk36kfNGO9b_ahl29ZkKP7V4Smi9bAyYkw7AvWAk1hq-2ofav4WIheTE5bH-YsX1atzqGpmPlVoLGZttL5Qx3GPPrce%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7f6f5480fea34d62-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5EC1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECAd3SITeZ1Vm7UV_Yf-mLg&google_push=AXcoOmRYgFtdgpgjHCi5Q0J7I3d1Hv4oiGFB3HlR19r_r4GB08ikxJw0li...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECAd3SITeZ1Vm7UV_Yf-mLg&google_push=AXcoOmRYgFtdgpgjHCi5Q0J7I3d1Hv4oiGFB3HlR19r_r4GB08ikxJw0lil2VjR-LombbSQlG3gZYWqyiu_Y6OfFR48-Xf1tnebDX7F-vL7JIl6WRPxHhto-1-qGdUzXSM6SGv7gVUkUvGIA
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230058-FRA
pragma
no-cache
date
Tue, 15 Aug 2023 06:20:09 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1692080410.778139,VS0,VE93
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECAd3SITeZ1Vm7UV_Yf-mLg&google_push=AXcoOmRYgFtdgpgjHCi5Q0J7I3d1Hv4oiGFB3HlR19r_r4GB08ikxJw0lil2VjR-LombbSQlG3gZYWqyiu_Y6OfFR48-Xf1tnebDX7F-vL7JIl6WRPxHhto-1-qGdUzXSM6SGv7gVUkUvGIA
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 5EC1
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEE-iaGmx-YBM5cmiq-4Sf9k&google_cver=1&google_push=AXcoOmTJL29ydKrU7bVvT1qV6lBKzh_DJ5bZC2wSPJNb3xATcYpTX1GLrSVdgdDIlwzNVh9mYPQQCLT3SnbYcpr4cYNcDgpXP8ajZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTJL29ydKrU7bVvT1qV6lBKzh_DJ5bZC2wSPJNb3xATcYpTX1GLrSVdgdDIlwzNVh9mYPQQCLT3SnbYcpr4cYNcDgpXP8ajZi_H7uMwaMrNgS61josRP3mbM0E_QM5S...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTJL29ydKrU7bVvT1qV6lBKzh_DJ5bZC2wSPJNb3xATcYpTX1GLrSVdgdDIlwzNVh9mYPQQCLT3SnbYcpr4cYNcDgpXP8ajZi_H7uMwaMrNgS61josRP3mbM0E_QM5SCUi3vMNVYMZBHw&google_hm=Q0FFU0VFLWlhR214LVlCTTVjbWlxLTRTZjlr
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 15 Aug 2023 06:20:09 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTJL29ydKrU7bVvT1qV6lBKzh_DJ5bZC2wSPJNb3xATcYpTX1GLrSVdgdDIlwzNVh9mYPQQCLT3SnbYcpr4cYNcDgpXP8ajZi_H7uMwaMrNgS61josRP3mbM0E_QM5SCUi3vMNVYMZBHw&google_hm=Q0FFU0VFLWlhR214LVlCTTVjbWlxLTRTZjlr
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5EC1
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFog5UCAgGumPvO6HIXsZOY&google_cver=1&google_push=AXcoOmQwAzJpmwAt3to2JRNVzmYqnnRq5Wd0yKCUKb6afVZ_J5c6PXTUsK_uq0hO7I47QaM2ETZ-YZ0Aoqy1B-...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NzQzMDAxODg4MDc2NDA1Mg%3D%3D&google_push=AXcoOmQwAzJpmwAt3to2JRNVzmYqnnRq5Wd0yKCUKb6afVZ_J5c6PXTUsK_uq0hO7I47QaM2ETZ-YZ0Aoqy1B-w_Tw...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NzQzMDAxODg4MDc2NDA1Mg%3D%3D&google_push=AXcoOmQwAzJpmwAt3to2JRNVzmYqnnRq5Wd0yKCUKb6afVZ_J5c6PXTUsK_uq0hO7I47QaM2ETZ-YZ0Aoqy1B-w_Twz8i3L6r7urKZvlTajErmDGyBr_5r4QnvjbS6khDrC6N0D9d_vRNcOprA
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NzQzMDAxODg4MDc2NDA1Mg%3D%3D&google_push=AXcoOmQwAzJpmwAt3to2JRNVzmYqnnRq5Wd0yKCUKb6afVZ_J5c6PXTUsK_uq0hO7I47QaM2ETZ-YZ0Aoqy1B-w_Twz8i3L6r7urKZvlTajErmDGyBr_5r4QnvjbS6khDrC6N0D9d_vRNcOprA
Date
Tue, 15 Aug 2023 06:20:09 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
x.bidswitch.net/ Frame 5EC1 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEA6lQEKDo84ucq_rOGSpjC8&google_cver=1&google_push=AXcoOmRIWvNPSkY9Rp4EVvzJHjhHl7xCJPYDKnTQZT9sjvCQvFAPKZb0FGCjyh5rYTG3ofvyCxF2wjmpca5YrB_uuFKyVE5vHZ3i4gLBSgr6wT1Xlr2ObD_QgAoKByLNMAkvAKemUbhM5YEr1w
Requested by
Host: 0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
URL: https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.75.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-75-15.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 5EC1 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2Xgva-rqlKbUjQPeyzwljdGD6lE9hOU-xXBobX05WY23xEB7WLUDQKtAGZzAvBPuyMbsh
Requested by
Host: 0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
URL: https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame 3385 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-vYJGBnbZK3sN4KA-wbd_6zAC5z7wM9xuJid9eoRv-iivcABEAEgxqWvPGCVgoCAsAfIAQWpAgk1wegDTrI-qAMBqgSEAk_QE4hgEz0D1Kte5imTUgqzF_Vp5vlD389sG8eU_1IBLy_YLDFDFt56ck7H3l34Q4koQKWfNLwEixMZ2Hxe11stnO90LxBDX6ChTh_jAc_uyrOwpPrPqbIS9E0QPhWVz43ainTSFgYw-E2FbTsSCQk1FyDwlcAl7Jo9s_S3oTocxHgh8-j4yD100V0NIAs6tRzCLvFN-qBY-IAMo0J2k4wZEnZjbdEfDJmLQ5Tilyadt0-JyK-Q_adUi3snYEriWzBAHsjR_oT4LNLaE_i7Zt79DDdzpESbXe8_e5RONM0tpbAVJ3lM2_4oZQChaVJn0n3C-ePs7VSVFY3W6jBMCRVXVX7cwASr9_bAsATgBAOIBZXZ86tLkgUGCBsQAxgDkgULCCIQAxgDSOLc-wGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB8-_wWeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHDBCp7RIYg_HU5gEgBNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxArATmMGNFMgT7vmM4wPQEwDYEwqIFAbYFAHQFQGAFwGyFx4KHAgAEhRwdWItMzI0MDYxNjQyODEwMDY2MBiGuiToFwU&sigh=-gl5S7HUpzE&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWsYKXkeLee26l99NnSWPbblckEKxb84wnMdv5_s2gvZUX_drgkxcmHF-d16LnyITMyzAsAouxSRgB&vt=10&cbvp=2&vis=1
Requested by
Host: 0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
URL: https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 15 Aug 2023 06:20:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6F33 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pb.lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5149
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 04:54:20 GMT
expires
Wed, 14 Aug 2024 04:54:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-vYJGBnbZK3sN4KA-wbd_6zAC5z7wM9xuJid9eoRv-iivcABEAEgxqWvPGCVgoCAsAfIAQWpAgk1wegDTrI-qAMBqgSEAk_QE4hgEz0D1Kte5imTUgqzF_Vp5vlD389sG8eU_1IBLy_YLDFDFt56ck7H3l34Q4koQKWfNLwEixMZ2Hxe11stnO90LxBDX6ChTh_jAc_uyrOwpPrPqbIS9E0QPhWVz43ainTSFgYw-E2FbTsSCQk1FyDwlcAl7Jo9s_S3oTocxHgh8-j4yD100V0NIAs6tRzCLvFN-qBY-IAMo0J2k4wZEnZjbdEfDJmLQ5Tilyadt0-JyK-Q_adUi3snYEriWzBAHsjR_oT4LNLaE_i7Zt79DDdzpESbXe8_e5RONM0tpbAVJ3lM2_4oZQChaVJn0n3C-ePs7VSVFY3W6jBMCRVXVX7cwASr9_bAsATgBAOIBZXZ86tLkgUGCBsQAxgDkgULCCIQAxgDSOLc-wGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB8-_wWeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHDBCp7RIYg_HU5gEgBNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxArATmMGNFMgT7vmM4wPQEwDYEwqIFAbYFAHQFQGAFwGyFx4KHAgAEhRwdWItMzI0MDYxNjQyODEwMDY2MBiGuiToFwU&sigh=-gl5S7HUpzE&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWsYKXkeLee26l99NnSWPbblckEKxb84wnMdv5_s2gvZUX_drgkxcmHF-d16LnyITMyzAsAouxSRgB&vt=10&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 15 Aug 2023 06:20:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 93A8 		831 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
90bf98fcb97087cbfd08622a492db2381c35d3cda40c63821fde6f8160acb6ea
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FrF9b-3bavCn-zRjR-_wlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pb.lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
532
content-security-policy
script-src 'report-sample' 'nonce-FrF9b-3bavCn-zRjR-_wlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 06:20:09 GMT
expires
Tue, 15 Aug 2023 06:20:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7112 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 15 Aug 2023 06:20:09 GMT
csi
csi.gstatic.com/ Frame 3385 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~llbwzjw5&c=5021897222359&slotId=2510948611179.5&qqid=CK3Y0d2C3oADFQLA3god3T8LuA&fb=outstream-lima&vast_v=2.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1004::78 Fort Worth, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
70774489
unified.adsafeprotected.com/v2/1434172/ Frame 3385 		24 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://unified.adsafeprotected.com/v2/1434172/70774489?mon=70774493&omidPartner=Google2&apiframeworks=7&bundleId=&ias_xappb=&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsu8_nI1slJg-9bETAWyUnMIndEBZ5MWw6fpTFeX9obfK0OGrQe85ivdqL962FbjRaFFLPpg-lm7DdtsnLSb1lEyY8kWCPYFsaNF7Rlc3Mz5do-M9GVb-o90pSMRBS9q4R9V8BdcbnnrcCw6dT1swLUdCbPPgl7fQ2S3GiapNEX8-Zo36RL-1NmrAwbGXjipf3kpEfQFM0YYUABs%26sai%3DAMfl-YRSVf1LkOA-GbD4CZHFNAxZiORYnAm0_M_KeVBBGzFAFIXlIM2F953LdkGBlwTwXSPPNsYfTVuvLOsjnpXHBrIrVUJeFjwBpg9mTGBoDbHn0YUpUI7CVNE0EmCThKt7HiIygo1G2iKRxRLynG8g4j9fbA%26sig%3DCg0ArKJSzLIsgKn1aIJBEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26vt%3D13%26adurl%3D&redirectedRetries=0&ias_dspID=3&ias_campId=1013136622&ias_pubId=pub-3240616428100660&ias_chanId=1&ias_placementId=20224732309&bidurl=https://lihkg.com/thread/3470022/page/3&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0giFuFJ653c_lyseFmbwDr5&originalVast=https://ad.doubleclick.net/ddm/pfadx/N6024.328593VIVAKI.COM/B29808231.364634258%3Bsz%3D0x0%3Bdsp_id_0_%3D3%3Bdsp_campaignid_0_%3D1013136622%3Bdsp_publisherid_0_%3Dpub-3240616428100660%3Bdsp_chanid_0_%3D1%3Bdsp_placementid_0_%3D20224732309%3Bdsp_bidurl_0_%3Dhttps://lihkg.com/thread/3470022/page/3%3Bdsp_dealid_0_%3D549644393847793680%3Bdsp_impid_0_%3Dv4~~ABAjH0giFuFJ653c_lyseFmbwDr5%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://lihkg.com/thread/3470022/page/3%3Fves%3DdGltZXN0YW1wOiAxNjkyMDgwNDA5NTY5CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdVhvRTk1dmN0T1hrcUx2ZUFTNmxjbkNIZWxCRm9DWDJ0U1BnU0ppbWl6aEVZM3Z6V1J4U3I0SUxvTjZiN2tsazF5NXE1TlVJTE5HcVhUT3ctX2hJcE9mZHg5NC01Uk1RVWlWWXRDb0cxemhtOEpyOWNXUWZlZmVwUW91MUYxY0c2czdPMldKYkJXWWpwN0ZwOVdtQjhZX0pETkgydDRzbXR3YUFqMTRudWVVOTJRNjFaRWt2c2RCa2Y1NXg4a0RYN0tEaUl6dHVWT2MwbGNuMnNUZ0tIR1NHMHo1a0s0d193SU83ZXdKZzV4OHdFYS05d2ZwRkI3b3YwQ0JiZTVPbFhpOV9WZ1VESzdhWDYwVHhZbzRYODhnWUhPY2xXVkFMZXdzakdMaVNsWTU5LUV6V3NiNXFzWVpiNlFZNW80dHlhajNfWmRYSEpDRTZSX1dxbUNKZ3RYWFF0M0pnN2ZMZjBoeFAtUVBIN0g0YWI1Z054dkRuU2dSTUxLaEhxcUdiQVRRQmVFTnkzZnd6bVd4dlFWWkNRTGpZbGJQdWw3bXFzQzU5VWNZWnBvckZjSzRBei13VzVCV3lxc0Y1MXRqZ0QzN2NyazU5VE9lS3JsUElUa3I1WG4yWm1fd0cybnctUy1BNDBXVDFuM3U2V3VjdllOaHlNOEotQ25JYmx5SmhON2FLenZabzBTWkpXS3lfTlVsY0ZDZGhMQVhINU9laTExOWRWX05kN3QtZDVBRXItT3ptREctSnN3eHFGSU5hSUhPNXZEdFplMVZoXzdlX1lRNFdwMGdLSDJVb0d6SFNnU252UlB2bWRwei1qdzBLakgteXFscS1qTHhudF9DVktOQ2pybnBFQk9pdkpJTTl3eWxNZnVUcmMyU25leFN1c2R5M2VaTUpONU5XaVhYRFY2am5nLUx0V2lYTTVUVlp6WHhXV3BXU1d6ZEMyZmpweTA0c2l2MFE0ZzFoOVZNWldaOHNVbzNpUWI2dDE0aXpnRkpTcWRieVUtTEw0Zk5PNVZiQnVIdEN2bnBkcTU5emdDWHJ6bVZMemlRa0V1QlJPSmU5TmRacjIyWEFDSk1hV015WjE2SFFGWUxGb21pRm4zN09BSEJ1akNXXzRNNlVqLUpuQmtvb29YOHdqQ0hLdkw1RVF2NEQxVUhWdVUzWVlnYU1JRDhYNGdFN0JvdHI3VGw1VlZFWlZGQlFMYUlYWlNESF9CcTdTT0xxa1JOWmVvY1RNRF9wd2Nya0NyMUlnTjdhaXVTWFVCQnhucEktdEFRNUo5d2ZuLXlGNzlCU0VvVUNUQUhHWHBQUmt5YzVEczU5RFVyWmpCT3VPeXEyT0tEbVZhMmtNd0FTRkVFQmxzSUFpQmxlN3p6QnVOcDU2aXY5OThXRzZicXZUYnFoQWRTNVlTei1mR0JjQW92RnpYenppcE1SVzU5ZGd4X1c0SmpBMXpETHBRSTVfdmpsbzVsTWlGM0trSDJuQ01xZEhyT0h1WXBoUUNqcFVIVnJDdHo4T0xfNWlyeWVqRFNmcVRaTDNMTVU2aVNiald1d0VsM0hRRWJJYnR5cFMxWWIyemNiNmIxdHBCM0lRQmNEeDlsY0lSamdmY1E3WnBDWloxdzVXTmNKcF9zUGVnQTFlcW8xWF83RGtYUVpkSXVBRGFhLTczWXpSMlJaZ1dLcWc4WFhLQ1lnUzg0MExIeTE3WWFfYmtHZnd3UDVseFhKUnFxMjRXUEJkT0pOcFFGblo3OHQ3aGhMV1JQak94VHEtUTYtUkh2VDE5amE3Ri1vTHNad3h3RUNsMHlPODI1cm9oWjl3emxXSk9wT0dWQm4wVnpINDN4N2h0TUFJQnB3JnNhaT1BTWZsLVlUV2MyS0FNSGxNejllUER2VTVhaUs5MFBrN3hycjZYVUtDR0lYdjhBMnRYQUtfMWt5YWhweHh5aVoxRXhUN2JtUUN4VU1NYzVhLUUtLTJRTlRWTEliTm8xVURpbVVkbzJMLWdMZ0RXZXFzZ29zbjBZSmJ4OUgzdl9Fb05FQm1lT3lydTNtRXV5WU51eW1fODkxYUpHSUNlbFlWaVUxbEtrd055TnBGbF9NcURsVVUyTmZvYmZ0U0JtOThNWmNodzlmSjlvUVNoekRNdUZsaWREblMtU2dTbVU2M2hpSUdWc3NDVWItR1QtT2ZnVVJIQ2hvSmU0VUpTcEE3Smgxemp0OUNDMnBKcHd1czJjVDMyOEJCMmlvTjdqeWFta0lFMDFJOWJTajRsaU41TlpqcjdqYUlfMEczY1BwYVFTeUt3MGNEWXg1NDRhaHY0OHJ6bGc4SVpyeEpIdmN3YWtSejFrX1Vhbk44UjE0Slh2ZjVWTnhjNklRVmNsMCZzaWc9Q2cwQXJLSlN6SHBYS1VYOGNiNXBFQUUmY3J5PTEmZmJzX2FlaWQ9W2d3X2Zic2FlaWRdJnVybGZpeD0xJmFkdXJsPWh0dHBzOi8vd3d3LnZpc2EuZGUvZGViaXQuaHRtbCUzRnV0bV9tZWRpdW0lM0RkaXNwbGF5JTI2dXRtX2NhbXBhaWduJTNEdmlzYV9kZV9meTIzcTNfdmlzYV9kZV9meTIzX3ByZWZlcmVuY2UlMjZ1dG1fc291cmNlJTNEMjc4MjMyMyUyNnV0bV9jb250ZW50JTNEMTkwMjk1NTA0XzU1NTc4MDkzMSUyNnV0bV90ZXJtJTNEMzY0NjM0MjU4JTI2ZGNsaWQlM0QlMjVlZGNsaWQhIgo%26dc_cid%3D190295504%26dc_adid%3D555780931
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.107.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-107-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5e751932f6f3cfd2c530e97d3df2c5b547aa2b563085db6b8f4d847cd619cbee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 06:20:09 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Request-Id
cjdhi6bn1sg1sjb003rg
Content-Length
6653
loader.js
cdn.taboola.com/libtrc/palmate-lihkg/ Frame 2D5B 		254 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_lihkg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3e62d800f51c34294bd38d3b89b5dbe5bd39f55c8efaed49bb0f88002142a470

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
5C55IDEk_P5nWtVjzftrVJF0rT3qIyuS
content-encoding
gzip
via
1.1 varnish
date
Tue, 15 Aug 2023 06:20:09 GMT
x-amz-request-id
4NVG2WNV5P226M9Z
age
1965
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
7
x-amz-replication-status
FAILED
content-length
47743
x-amz-id-2
knX69Tq3rLjwMO8pX619gy6wNe4Q1BFSbESKy2RX80DjGjcFXba9Vg/7j4FH/kefckqlgXDSpUw=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Tue, 15 Aug 2023 05:26:39 UTC
server
nginx
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692080410.624001,VS0,VE1
etag
"3ebe14fe53175258b8ec2618ffd08b8b4f7a6187"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
2
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 6F33 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:00:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
65996
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Aug 2024 12:00:13 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 420A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 15 Aug 2023 06:20:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 93A8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230810&jk=4327037523449845&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
tr5
cdn.taboola.com/libtrc/ Frame 2D5B 		3 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=block_clicks_time_comp_ctrl
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/smj?theme=light&is_mobile=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230040-FRA
date
Tue, 15 Aug 2023 06:20:09 GMT
via
1.1 varnish
server
Varnish
x-timer
S1692080410.677122,VS0,VE0
x-cache
HIT
content-type
text/html
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
impl.20230807-18-RELEASE.js
cdn.taboola.com/libtrc/ Frame 2D5B 		799 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230807-18-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
444f926718417377433a873cbecd5570f937a6d096c0e55b8d16865eaba16619

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
T1aUunuLY788G3pRv0Id3Sev_M.u3Clc
content-encoding
br
via
1.1 varnish
date
Tue, 15 Aug 2023 06:20:09 GMT
x-amz-request-id
ZE7THDNYKGHPX4W9
age
5863
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
169206
x-amz-id-2
AFgwFxtXqXxgIVi538D2+r4Ge6xrxkRTEGhyYlteQoBym31RKBI/PJJZSx6lI8QAXmXbhmL1z1s=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Mon, 07 Aug 2023 12:31:22 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692080410.683970,VS0,VE0
etag
"100b9b0ba5b218fb8172e85cc945bfd7"
vary
Accept-Encoding
content-type
application/javascript
abp
47
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
611
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4FEA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pb.lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5149
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 04:54:20 GMT
expires
Wed, 14 Aug 2024 04:54:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DCEB 		831 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
214d104b75275cb8776802bc1e79c67d8d1c21e39f014845d6d266d4a65b821d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Y4OBmE-1Z3Cf88D1T6wxoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pb.lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
534
content-security-policy
script-src 'report-sample' 'nonce-Y4OBmE-1Z3Cf88D1T6wxoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 06:20:09 GMT
expires
Tue, 15 Aug 2023 06:20:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2ABF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pb.lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5149
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 04:54:20 GMT
expires
Wed, 14 Aug 2024 04:54:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 80AC 		831 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b744be45bcaadfc158afec0bdcebce3e96f6ac655f4f6b2e5dbc72bf043ec9dd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Vq2o6nku6XmwWnMlpX93wQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pb.lihkg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
534
content-security-policy
script-src 'report-sample' 'nonce-Vq2o6nku6XmwWnMlpX93wQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 06:20:09 GMT
expires
Tue, 15 Aug 2023 06:20:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame 6F33 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?k_U-rg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 4FEA 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:00:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
65996
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Aug 2024 12:00:13 GMT
dr
as.ad4m.at/ad/ Frame 6229 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jnca8ctc1mh5rhgj2nf3dg5yvqx0qydgqsdvg5ka4n4ywqygef0nx1dgzxqjacnv5ez8jvz7xemvsd6n7zq8tgahted2vnwjvwje4yh18qtgd3s60zygzspde5n1t58g4hjratney7pttmjdrxwmt3gfye3j5dwq7g9xdzfd4zp76cdtrxyxvnxezxmhxa09dd67dpkd468w684dfmgxmjvk5m4m7vghnae3t4qjm7kxf39r2ydm8yavpv545n65ymx5dbnfd9hr2vcck8pjatdh5yfdhnxc80kye8ydpaw435kqs878027zj4c4cbxw980nav5t4g7yqzf1bef5jcvg0ds1wtd318kr7h9t3vq39mgrf1pny47s5aafxvj9awq2xkjn5s287vem00d6t9mx34jynj64kaarcs53qf1jq7jet6evadhrzjbjw8jdcw7599691p0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%26client%3Dca-pub-1983042674979462%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409014&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409174&bpp=3&bdt=1290&idt=210&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=259005268492&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080409&ga_hid=202743654&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076836%2C31076964%2C44799571%2C44789816%2C21065724&oid=2&pvsid=4327037523449845&tmod=1074106898&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tdjs3rj8l6j3&fsb=1&dtd=222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
572139a5df5da2e25a8f38b7fb68c160b9842d7c183494eb385468cc1ce3f741
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f6f54821de62c56-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 06:20:09 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame E6DF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409014&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409174&bpp=3&bdt=1290&idt=210&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=259005268492&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080409&ga_hid=202743654&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076836%2C31076964%2C44799571%2C44789816%2C21065724&oid=2&pvsid=4327037523449845&tmod=1074106898&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tdjs3rj8l6j3&fsb=1&dtd=222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 14:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
57016
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 14:29:53 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E085 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409014&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409174&bpp=3&bdt=1290&idt=210&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=259005268492&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080409&ga_hid=202743654&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076836%2C31076964%2C44799571%2C44789816%2C21065724&oid=2&pvsid=4327037523449845&tmod=1074106898&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tdjs3rj8l6j3&fsb=1&dtd=222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75062
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 09:29:07 GMT
etag
48472445140208031
expires
Tue, 15 Aug 2023 09:29:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame E6DF 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409014&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409174&bpp=3&bdt=1290&idt=210&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=259005268492&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080409&ga_hid=202743654&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076836%2C31076964%2C44799571%2C44789816%2C21065724&oid=2&pvsid=4327037523449845&tmod=1074106898&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tdjs3rj8l6j3&fsb=1&dtd=222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 14:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
57016
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 14:29:53 GMT
l
www.google.com/ads/measurement/ Frame E6DF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxsIB-kkZrpnuAHWXS3yGK5vBrv5MnHLBIl7Mc2xqBrePBFb7IN9ldRC8NSjmL8xgOfzl8uPKuLeby3ft29aYEANMrCg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409014&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409174&bpp=3&bdt=1290&idt=210&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=259005268492&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080409&ga_hid=202743654&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076836%2C31076964%2C44799571%2C44789816%2C21065724&oid=2&pvsid=4327037523449845&tmod=1074106898&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tdjs3rj8l6j3&fsb=1&dtd=222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E6DF 		180 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409014&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409174&bpp=3&bdt=1290&idt=210&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=259005268492&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080409&ga_hid=202743654&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076836%2C31076964%2C44799571%2C44789816%2C21065724&oid=2&pvsid=4327037523449845&tmod=1074106898&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tdjs3rj8l6j3&fsb=1&dtd=222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 06:20:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DCEB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230810&jk=4231817946788915&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 80AC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230810&jk=964398651614398&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 2ABF 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 12:00:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
65996
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Aug 2024 12:00:13 GMT
csi
csi.gstatic.com/ Frame 3385 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~llbwzk0a&c=5021897222359&slotId=2510948611179.5&qqid=CK3Y0d2C3oADFQLA3god3T8LuA&fb=outstream-lima&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1004::78 Fort Worth, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 3385 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 15:06:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227612
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 15:06:37 GMT
file.mp4
r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/6967f19e4f122d9f/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912847/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 3385
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/6967f19e4f122d9f/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912847/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/6967f19e4f122d9f/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912847/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/6967f19e4f122d9f/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912847/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/79DBE19EE487303E8C3B1D552A82F53A494E8CE2.5DA5347762A9A1A7CF0A8DD873AF8BF5AD26B986/key/cms1/cms_redirect/yes/mh/Vx/mip/2001:1b60:2:240:3247::10/mm/42/mn/sn-4g5edn6r/ms/onc/mt/1692079807/mv/u/mvi/3/pl/29/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:e::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 06:20:10 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1774722
Last-Modified
Fri, 14 Apr 2023 09:33:19 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Tue, 15 Aug 2023 06:20:10 GMT

Redirect headers

date
Tue, 15 Aug 2023 06:20:09 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
653
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
location
https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/6967f19e4f122d9f/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912847/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/79DBE19EE487303E8C3B1D552A82F53A494E8CE2.5DA5347762A9A1A7CF0A8DD873AF8BF5AD26B986/key/cms1/cms_redirect/yes/mh/Vx/mip/2001:1b60:2:240:3247::10/mm/42/mn/sn-4g5edn6r/ms/onc/mt/1692079807/mv/u/mvi/3/pl/29/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 3385 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~llbwzk8f&c=5021897222359&slotId=2510948611179.5&qqid=CK3Y0d2C3oADFQLA3god3T8LuA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=749&mt=video%2Fmp4&vs=854x480&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=59&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.st~videopreviewvisible.t6&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1004::78 Fort Worth, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame E6DF 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8b8b427b806633af3c3f3cc4f87c122389f8c3e40505c403a7cf411b8d0a477

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
i.match
s.tribalfusion.com/z/ Frame E085
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENaTplHjfrMuhiSnh_WaHck&google_cver=1&google_push=AXcoOmQD3NPDQOGLbTul_0MP3F-ZJZQBaP9-Mi-GosbaRPcDxOYdcZn3Ef1VPMFHODnlxs6vtOaFI3NWImbGGSkFw7uP6yCkdBJs&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENaTplHjfrMuhiSnh_WaHck&google_cver=1&google_push=AXcoOmQD3NPDQOGLbTul_0MP3F-ZJZQBaP9-Mi-GosbaRPcDxOYdcZn3Ef1VPMFHODnlxs6vtOaFI3NWImbGGSkFw7uP6yCkdBJ...
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENaTplHjfrMuhiSnh_WaHck&google_cver=1&google_push=AXcoOmQD3NPDQOGLbTul_0MP3F-ZJZQBaP9-Mi-GosbaRPcDxOYdcZn3Ef1VPMFHODnlxs6vtOaFI3NWImbGGSkFw7uP6yCkdBJs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQD3NPDQOGLbTul_0MP3F-ZJZQBaP9-Mi-GosbaRPcDxOYdcZn3Ef1VPMFHODnlxs6vtOaFI3NWImbGGSkFw7uP6yCkdBJs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409014&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409174&bpp=3&bdt=1290&idt=210&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=259005268492&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080409&ga_hid=202743654&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076836%2C31076964%2C44799571%2C44789816%2C21065724&oid=2&pvsid=4327037523449845&tmod=1074106898&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tdjs3rj8l6j3&fsb=1&dtd=222
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7f6f548399274d62-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
704
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENaTplHjfrMuhiSnh_WaHck&google_cver=1&google_push=AXcoOmQD3NPDQOGLbTul_0MP3F-ZJZQBaP9-Mi-GosbaRPcDxOYdcZn3Ef1VPMFHODnlxs6vtOaFI3NWImbGGSkFw7uP6yCkdBJs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQD3NPDQOGLbTul_0MP3F-ZJZQBaP9-Mi-GosbaRPcDxOYdcZn3Ef1VPMFHODnlxs6vtOaFI3NWImbGGSkFw7uP6yCkdBJs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7f6f54823fca4d62-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E085
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECzP9Bocl8bNFZhD3EYTC_o&google_cver=1&google_push=AXcoOmTzIUfdwvp96DrwfyfMA-6zNgxxX122Jyj-UJmkjR92WVmSguyQyO3yK2_MPErk44fu_R9GArkT...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECzP9Bocl8bNFZhD3EYTC_o&google_cver=1&google_push=AXcoOmTzIUfdwvp96DrwfyfMA-6zNgxxX122Jyj-UJmkjR92WVmSguyQyO3yK2_MPErk44fu_R9...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY5Njc5OTY0MTkzOTUwNjg2Nw&google_push=AXcoOmTzIUfdwvp96DrwfyfMA-6zNgxxX122Jyj-UJmkjR92WVmSguyQyO3yK2_MPErk44fu_R9GAr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY5Njc5OTY0MTkzOTUwNjg2Nw&google_push=AXcoOmTzIUfdwvp96DrwfyfMA-6zNgxxX122Jyj-UJmkjR92WVmSguyQyO3yK2_MPErk44fu_R9GArkTA4RF9_GmUxEBBP55K1O_
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409014&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409174&bpp=3&bdt=1290&idt=210&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=259005268492&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080409&ga_hid=202743654&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076836%2C31076964%2C44799571%2C44789816%2C21065724&oid=2&pvsid=4327037523449845&tmod=1074106898&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tdjs3rj8l6j3&fsb=1&dtd=222
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY5Njc5OTY0MTkzOTUwNjg2Nw&google_push=AXcoOmTzIUfdwvp96DrwfyfMA-6zNgxxX122Jyj-UJmkjR92WVmSguyQyO3yK2_MPErk44fu_R9GArkTA4RF9_GmUxEBBP55K1O_
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame E085 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESENo32IR5hRP2fexT-K1fcPo&google_cver=1&google_push=AXcoOmQHMGgh2VzD7T0K9bE3mnivHlWkekBucWJu-KFXBsWrHeB6G2A2oS0ZdfA8nNK1AalPYE1dwtQcQtd3cC_kldgQjVz1uE1m
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409014&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409174&bpp=3&bdt=1290&idt=210&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=259005268492&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080409&ga_hid=202743654&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076836%2C31076964%2C44799571%2C44789816%2C21065724&oid=2&pvsid=4327037523449845&tmod=1074106898&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tdjs3rj8l6j3&fsb=1&dtd=222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame E085
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTUHqhU4_rxiiQUFdd5-DYbb-GTxd0KpKJB9hA2ylgGkdI4GU9S4bg26U_DhBoVGT8uarg6Yqv_X3YCcP8GWOIX9rksxAIM&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-32dc504b-8510-48f7-b414-439fc78fdb71-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTUHqhU4_rxiiQUFdd5-...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTUHqhU4_rxiiQUFdd5-DYbb-GTxd0KpKJB9hA2ylgGkdI4GU9S4bg26U_DhBoVGT8uarg6Yqv_X3YCcP8GWOIX9rksxAIM&google_hm=AzLcUEuFEEj3tBRDn8eP23E
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTUHqhU4_rxiiQUFdd5-DYbb-GTxd0KpKJB9hA2ylgGkdI4GU9S4bg26U_DhBoVGT8uarg6Yqv_X3YCcP8GWOIX9rksxAIM&google_hm=AzLcUEuFEEj3tBRDn8eP23E
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409014&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409174&bpp=3&bdt=1290&idt=210&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=259005268492&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080409&ga_hid=202743654&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076836%2C31076964%2C44799571%2C44789816%2C21065724&oid=2&pvsid=4327037523449845&tmod=1074106898&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tdjs3rj8l6j3&fsb=1&dtd=222
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTUHqhU4_rxiiQUFdd5-DYbb-GTxd0KpKJB9hA2ylgGkdI4GU9S4bg26U_DhBoVGT8uarg6Yqv_X3YCcP8GWOIX9rksxAIM&google_hm=AzLcUEuFEEj3tBRDn8eP23E
date
Tue, 15 Aug 2023 06:20:10 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX32dc504b851048f7b414439fc78fdb71003
content-type
text/html
sync
ssbsync.smartadserver.com/api/ Frame E085 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPdoRTwIfajbzkL3KjVhO6s&google_cver=1&google_push=AXcoOmSaX8SyYgY1RezLx690cetXL6MIlqJd8soUEhP0eTx7kU3iSE6Yrg7wDQMhQHnaMzZAjo3wDeNlBb6um2M9qcZZofmVTtHb
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409014&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409174&bpp=3&bdt=1290&idt=210&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=259005268492&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080409&ga_hid=202743654&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076836%2C31076964%2C44799571%2C44789816%2C21065724&oid=2&pvsid=4327037523449845&tmod=1074106898&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tdjs3rj8l6j3&fsb=1&dtd=222
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
content-length
0
/
onetag-sys.com/match/ Frame E085
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENGPKGTv0a6hE42BMinYPHA&google_cver=1&google_push=AXcoOmTUIGJppKc_Wtmf8q4r9N4yLuuGn3bNfilhiU1fCIRPq5lqhstKU3jFETnfA84nV6JE98PRY--3cAw...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTUIGJppKc_Wtmf8q4r9N4yLuuGn3bNfilhiU1fCIRPq5lqhstKU3jFETnfA84nV6JE98PRY--3cAwJDAWoIEFjzKWzedAv5Q
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409014&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409174&bpp=3&bdt=1290&idt=210&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=259005268492&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080409&ga_hid=202743654&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076836%2C31076964%2C44799571%2C44789816%2C21065724&oid=2&pvsid=4327037523449845&tmod=1074106898&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tdjs3rj8l6j3&fsb=1&dtd=222
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E085
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEC0t8JKkrF8CcqO7vwMjeO8&google_cver=1&google_push=AXcoOmSKQba5XJMjq...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEC0t8JKkrF8CcqO7vwMjeO8%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTAxNjk0ODExNDA2NzY2ODkzNA%3D%3D&google_gid=CAESEC0t8JKkrF8CcqO7vwMjeO8&google_cver=1&google_push=AXcoOmSKQba5XJMjqdkxwDrF7zSPUJlla_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTAxNjk0ODExNDA2NzY2ODkzNA%3D%3D&google_gid=CAESEC0t8JKkrF8CcqO7vwMjeO8&google_cver=1&google_push=AXcoOmSKQba5XJMjqdkxwDrF7zSPUJlla_ngLh68npDRhdZkBl5lMEUkUHTQ9wSfVMBKv9XPo5GI8wRUcxPAuXdfLL6yfriOOKJX6Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409014&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409174&bpp=3&bdt=1290&idt=210&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=259005268492&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080409&ga_hid=202743654&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076836%2C31076964%2C44799571%2C44789816%2C21065724&oid=2&pvsid=4327037523449845&tmod=1074106898&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tdjs3rj8l6j3&fsb=1&dtd=222
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
an-x-request-uuid
7cfece4c-647e-42b6-ab36-03cb356c3420
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTAxNjk0ODExNDA2NzY2ODkzNA%3D%3D&google_gid=CAESEC0t8JKkrF8CcqO7vwMjeO8&google_cver=1&google_push=AXcoOmSKQba5XJMjqdkxwDrF7zSPUJlla_ngLh68npDRhdZkBl5lMEUkUHTQ9wSfVMBKv9XPo5GI8wRUcxPAuXdfLL6yfriOOKJX6Q
x-proxy-origin
217.114.218.22; 217.114.218.22; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E085 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IecBYFp6n3hvEl4DrDBCr4UMoIoexwXedl-IpEXg8nE-mbOIs9xUGxY9As4BKVbDYol2wdM1k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409014&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409174&bpp=3&bdt=1290&idt=210&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=259005268492&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080409&ga_hid=202743654&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076836%2C31076964%2C44799571%2C44789816%2C21065724&oid=2&pvsid=4327037523449845&tmod=1074106898&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tdjs3rj8l6j3&fsb=1&dtd=222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dr
as.ad4m.at/ad/ Frame E80D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1htjqrwxw9k807gx34pt403mvj0znq5fxw3s06j20j0myq312s1wc23d6dpskreaefexn5bg7n4k9xf8dbem00c203q1de84y2rza5tg0yckahcczsesfaa74mmnz8bdwmedn1yg2vacfnm0p6vms8tche0rb1bykp4gjkvcy2xm6dy4422fjdvwg9c3a8hhnb968h5at0bjkj6hd73bav38j5h0d1vm91frcjwr9vbt6rcthj9ypz9peawfzj8md2vp8eattspg1eat34xwpvnwamd5q68wef96fhfph7es9x2wveks7a3mw4kyqnpqwzqahp9v2a69wzhmt2mmvxp18b1q3gtp1b8svtwdawpycp5m8q43pn23t0bavn54t56v2zn54vf428ktmse1dh7rtrc5jq04rw07rry1rn7m6was0z60q3754e7ech6rqn5aa3h6jwng&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%26client%3Dca-pub-1983042674979462%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409100&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409265&bpp=4&bdt=1377&idt=264&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=3916345261878&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=490264881&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44799955%2C44792012%2C44799581%2C44789816&oid=2&pvsid=964398651614398&tmod=734821863&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.haw97hvriulh&fsb=1&dtd=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd41eb9b9b3e36b7f9c245094fd0565f7c3ed4d12996cd03321d4712ff65f4a3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f6f54825e352c56-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 06:20:09 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 8438 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409100&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409265&bpp=4&bdt=1377&idt=264&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=3916345261878&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=490264881&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44799955%2C44792012%2C44799581%2C44789816&oid=2&pvsid=964398651614398&tmod=734821863&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.haw97hvriulh&fsb=1&dtd=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 14:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
57016
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 14:29:53 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9BC9 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409100&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409265&bpp=4&bdt=1377&idt=264&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=3916345261878&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=490264881&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44799955%2C44792012%2C44799581%2C44789816&oid=2&pvsid=964398651614398&tmod=734821863&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.haw97hvriulh&fsb=1&dtd=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75062
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 09:29:07 GMT
etag
48472445140208031
expires
Tue, 15 Aug 2023 09:29:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 8438 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409100&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409265&bpp=4&bdt=1377&idt=264&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=3916345261878&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=490264881&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44799955%2C44792012%2C44799581%2C44789816&oid=2&pvsid=964398651614398&tmod=734821863&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.haw97hvriulh&fsb=1&dtd=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 14:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
57016
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 14:29:53 GMT
l
www.google.com/ads/measurement/ Frame 8438 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQU-NPLWyV9Dbb-DeSUs9LNJDTTLg7tZXPHt3HvuEl5lo5yQ0AqcmjDTw4L49iRbECQ18UEmjbb4B8STjekOuy0284Ueg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409100&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409265&bpp=4&bdt=1377&idt=264&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=3916345261878&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=490264881&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44799955%2C44792012%2C44799581%2C44789816&oid=2&pvsid=964398651614398&tmod=734821863&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.haw97hvriulh&fsb=1&dtd=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8438 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409100&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409265&bpp=4&bdt=1377&idt=264&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=3916345261878&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=490264881&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44799955%2C44792012%2C44799581%2C44789816&oid=2&pvsid=964398651614398&tmod=734821863&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.haw97hvriulh&fsb=1&dtd=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 06:20:09 GMT
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 6229 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jnca8ctc1mh5rhgj2nf3dg5yvqx0qydgqsdvg5ka4n4ywqygef0nx1dgzxqjacnv5ez8jvz7xemvsd6n7zq8tgahted2vnwjvwje4yh18qtgd3s60zygzspde5n1t58g4hjratney7pttmjdrxwmt3gfye3j5dwq7g9xdzfd4zp76cdtrxyxvnxezxmhxa09dd67dpkd468w684dfmgxmjvk5m4m7vghnae3t4qjm7kxf39r2ydm8yavpv545n65ymx5dbnfd9hr2vcck8pjatdh5yfdhnxc80kye8ydpaw435kqs878027zj4c4cbxw980nav5t4g7yqzf1bef5jcvg0ds1wtd318kr7h9t3vq39mgrf1pny47s5aafxvj9awq2xkjn5s287vem00d6t9mx34jynj64kaarcs53qf1jq7jet6evadhrzjbjw8jdcw7599691p0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%26client%3Dca-pub-1983042674979462%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jnca8ctc1mh5rhgj2nf3dg5yvqx0qydgqsdvg5ka4n4ywqygef0nx1dgzxqjacnv5ez8jvz7xemvsd6n7zq8tgahted2vnwjvwje4yh18qtgd3s60zygzspde5n1t58g4hjratney7pttmjdrxwmt3gfye3j5dwq7g9xdzfd4zp76cdtrxyxvnxezxmhxa09dd67dpkd468w684dfmgxmjvk5m4m7vghnae3t4qjm7kxf39r2ydm8yavpv545n65ymx5dbnfd9hr2vcck8pjatdh5yfdhnxc80kye8ydpaw435kqs878027zj4c4cbxw980nav5t4g7yqzf1bef5jcvg0ds1wtd318kr7h9t3vq39mgrf1pny47s5aafxvj9awq2xkjn5s287vem00d6t9mx34jynj64kaarcs53qf1jq7jet6evadhrzjbjw8jdcw7599691p0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%26client%3Dca-pub-1983042674979462%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
500821
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zHE0C2zZqedLmj2HEqMOUErVscde0HMrSKA0kW8Yi%2BDgzzAa0TJtkPgxnEr8Jlb559Fg5p%2FcGM%2Fl28yAXzzYOLQR4KUInH5gIukyNXGh8JIoOD7E2yYStyVVlmxefM9mtCKQ9JNYgM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7f6f54828e6a2c56-FRA
expires
Tue, 15 Aug 2023 07:20:10 GMT
r62eglto.js
ad4m.at/ Frame 6229 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jnca8ctc1mh5rhgj2nf3dg5yvqx0qydgqsdvg5ka4n4ywqygef0nx1dgzxqjacnv5ez8jvz7xemvsd6n7zq8tgahted2vnwjvwje4yh18qtgd3s60zygzspde5n1t58g4hjratney7pttmjdrxwmt3gfye3j5dwq7g9xdzfd4zp76cdtrxyxvnxezxmhxa09dd67dpkd468w684dfmgxmjvk5m4m7vghnae3t4qjm7kxf39r2ydm8yavpv545n65ymx5dbnfd9hr2vcck8pjatdh5yfdhnxc80kye8ydpaw435kqs878027zj4c4cbxw980nav5t4g7yqzf1bef5jcvg0ds1wtd318kr7h9t3vq39mgrf1pny47s5aafxvj9awq2xkjn5s287vem00d6t9mx34jynj64kaarcs53qf1jq7jet6evadhrzjbjw8jdcw7599691p0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%26client%3Dca-pub-1983042674979462%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
568183
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCI%2FzyEYvqG5ZdnzzamD4WfPgh0RpgS%2FPx7HtMUXEP%2F4PF3tV7Tq9usgFHNxRbBYs6BVE7z%2BHoXnQGUF5aHu3e%2F09UY%2BXWYhlFtoevsL4%2BgaXIaxUvnTWOSdcQj6g50d1CxARoU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7f6f5482ae842c56-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 08 Aug 2023 16:30:16 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame D481 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
254378
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 12 Aug 2023 07:40:32 GMT
expires
Sun, 11 Aug 2024 07:40:32 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame E80D 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1htjqrwxw9k807gx34pt403mvj0znq5fxw3s06j20j0myq312s1wc23d6dpskreaefexn5bg7n4k9xf8dbem00c203q1de84y2rza5tg0yckahcczsesfaa74mmnz8bdwmedn1yg2vacfnm0p6vms8tche0rb1bykp4gjkvcy2xm6dy4422fjdvwg9c3a8hhnb968h5at0bjkj6hd73bav38j5h0d1vm91frcjwr9vbt6rcthj9ypz9peawfzj8md2vp8eattspg1eat34xwpvnwamd5q68wef96fhfph7es9x2wveks7a3mw4kyqnpqwzqahp9v2a69wzhmt2mmvxp18b1q3gtp1b8svtwdawpycp5m8q43pn23t0bavn54t56v2zn54vf428ktmse1dh7rtrc5jq04rw07rry1rn7m6was0z60q3754e7ech6rqn5aa3h6jwng&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%26client%3Dca-pub-1983042674979462%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1htjqrwxw9k807gx34pt403mvj0znq5fxw3s06j20j0myq312s1wc23d6dpskreaefexn5bg7n4k9xf8dbem00c203q1de84y2rza5tg0yckahcczsesfaa74mmnz8bdwmedn1yg2vacfnm0p6vms8tche0rb1bykp4gjkvcy2xm6dy4422fjdvwg9c3a8hhnb968h5at0bjkj6hd73bav38j5h0d1vm91frcjwr9vbt6rcthj9ypz9peawfzj8md2vp8eattspg1eat34xwpvnwamd5q68wef96fhfph7es9x2wveks7a3mw4kyqnpqwzqahp9v2a69wzhmt2mmvxp18b1q3gtp1b8svtwdawpycp5m8q43pn23t0bavn54t56v2zn54vf428ktmse1dh7rtrc5jq04rw07rry1rn7m6was0z60q3754e7ech6rqn5aa3h6jwng&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%26client%3Dca-pub-1983042674979462%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
500821
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mwuf%2F8vl3163GW587WWbi3kSlyskHu69ESnT70kJ4t4EORvMgUwifTbb195WH48LU%2FF9B7zrMQpyW2B5h6Hcvt8%2FyZzJzxrOaFd6JSQYqdK2UP2BFCMnW41Yb7CaMaBWZuiE7jP5KRY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7f6f5482c99c39ec-FRA
expires
Tue, 15 Aug 2023 07:20:10 GMT
r62eglto.js
ad4m.at/ Frame E80D 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1htjqrwxw9k807gx34pt403mvj0znq5fxw3s06j20j0myq312s1wc23d6dpskreaefexn5bg7n4k9xf8dbem00c203q1de84y2rza5tg0yckahcczsesfaa74mmnz8bdwmedn1yg2vacfnm0p6vms8tche0rb1bykp4gjkvcy2xm6dy4422fjdvwg9c3a8hhnb968h5at0bjkj6hd73bav38j5h0d1vm91frcjwr9vbt6rcthj9ypz9peawfzj8md2vp8eattspg1eat34xwpvnwamd5q68wef96fhfph7es9x2wveks7a3mw4kyqnpqwzqahp9v2a69wzhmt2mmvxp18b1q3gtp1b8svtwdawpycp5m8q43pn23t0bavn54t56v2zn54vf428ktmse1dh7rtrc5jq04rw07rry1rn7m6was0z60q3754e7ech6rqn5aa3h6jwng&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%26client%3Dca-pub-1983042674979462%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
568183
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KE6luzgzDFSe%2FLEMOyxnmwDMrkjTGpuzhT8nxAm6teu5bmCdXNjsxWciMb8uPGEL%2BOV1MkS5GxzMKXu0Ers26%2FLSDN36II%2B2sq1pXIpDseKpRdur8OQi1GiW71tUNz%2F3wXmTn%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7f6f5482ceb32c56-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 08 Aug 2023 16:30:16 GMT
truncated
/ Frame 8438 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4769e4ee7cdd059d1a5f8488c96c84aea498bcc25b9b520f5a14280f14a1b027

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame 4FEA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-PWhmQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9BC9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP0deGx7qGgQCVBjDzEvYiU&google_cver=1&google_push=AXcoOmTOHnj9PouG_vObGlstBesYZsVJLjfiu-CHaf7nNy-URm4vZ-KmMCVmSQ0xOyUi_9XD_uRQx2WIxA4VMl06fEciHVGfVA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NjkzMTEzMjA0NDU1NjUzNTY1NQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP0deGx7qGgQCVBjDzEvYiU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP0deGx7qGgQCVBjDzEvYiU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409100&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409265&bpp=4&bdt=1377&idt=264&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=3916345261878&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=490264881&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44799955%2C44792012%2C44799581%2C44789816&oid=2&pvsid=964398651614398&tmod=734821863&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.haw97hvriulh&fsb=1&dtd=280
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 15 Aug 2023 06:20:09 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP0deGx7qGgQCVBjDzEvYiU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 9BC9 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJ3Hau2TCv8JkmVWa3jhjo8&google_cver=1&google_push=AXcoOmQiAyeNXidC5bC4wWqAL03YVhQVsjdndQrVb3Ai9NCLyA_ux-eloYL7MHV_6S-nYwQTWDWmT4j3XyhDMQ3mACWHtOOX_PY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409100&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409265&bpp=4&bdt=1377&idt=264&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=3916345261878&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=490264881&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44799955%2C44792012%2C44799581%2C44789816&oid=2&pvsid=964398651614398&tmod=734821863&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.haw97hvriulh&fsb=1&dtd=280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 9BC9 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEfl8t3kDdr5xiMMfc_-lzM&google_cver=1&google_push=AXcoOmSYboygQO8p1uj1f5m-f29-YHGGaLWzJyNZG5o4zh6I9xAlkhEEOTaSgWTN4QtuXvxSjZYAt1428ers1gN2Zl8usJ3QSOc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409100&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409265&bpp=4&bdt=1377&idt=264&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=3916345261878&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=490264881&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44799955%2C44792012%2C44799581%2C44789816&oid=2&pvsid=964398651614398&tmod=734821863&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.haw97hvriulh&fsb=1&dtd=280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
sync
x.bidswitch.net/ Frame 9BC9 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEA6lQEKDo84ucq_rOGSpjC8&google_cver=1&google_push=AXcoOmSLBwpc8h6W1Ivxvdwz8osr3QNRqqMO78hg6Vxd5w1wZEzVSvoDLOfzJhcSYV3NwOL3LZj4iw5wBhOK6gcGy-BtenEpkg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409100&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409265&bpp=4&bdt=1377&idt=264&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=3916345261878&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=490264881&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44799955%2C44792012%2C44799581%2C44789816&oid=2&pvsid=964398651614398&tmod=734821863&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.haw97hvriulh&fsb=1&dtd=280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.75.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-75-15.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
-
s.ad.smaato.net/c/n/// Frame 9BC9 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBW2sszdoAwoBVBrqeUr-4A&google_cver=1&google_push=AXcoOmQsjcC8wI5_buga9jOgo42JQBdppdK2tzO8x8oRfTya7BSAyif7B3jmSE1MnlKIl77KiSySmwo845dYIlnLwHA9vVuBOPk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409100&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409265&bpp=4&bdt=1377&idt=264&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=3916345261878&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=490264881&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44799955%2C44792012%2C44799581%2C44789816&oid=2&pvsid=964398651614398&tmod=734821863&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.haw97hvriulh&fsb=1&dtd=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:7200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cache-control
no-cache, must-revalidate
via
1.1 1559f99ec21d6c3066e5715e5c06aa76.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS1-P3
x-amz-cf-id
rqUNXDdvHQBIRCcfQ2e-TkxCe1tbXEC4B1uY62bCoJ_6q_TYcQkKTw==
x-cache
Miss from cloudfront
report
sync.teads.tv/um/ Frame 9BC9
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEArsPv41CRMc...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRJU-xGJFO7rRp66nOx8NfPSQNNGHm5i04_j_jjKd6CZm8KRvEIJKWvzyo-sNEgQszC-yafeZSUhwm-auxn-3QJPMGIicS-
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409100&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409265&bpp=4&bdt=1377&idt=264&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=3916345261878&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=490264881&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44799955%2C44792012%2C44799581%2C44789816&oid=2&pvsid=964398651614398&tmod=734821863&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.haw97hvriulh&fsb=1&dtd=280
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Tue, 15 Aug 2023 06:20:10 GMT
pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 9BC9 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJKfZFftd-ieC4w_iV9ooUo&google_cver=1&google_push=AXcoOmSxqMVDnER6-quD6tcNa05e-Vni-F0KR3gx7KFI6hR0wds0D6IiRDMUhg_vEXS9aBe3Qx0HhVwevKt7Luex1R6QPS6yvdM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409100&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409265&bpp=4&bdt=1377&idt=264&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=3916345261878&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=490264881&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44799955%2C44792012%2C44799581%2C44789816&oid=2&pvsid=964398651614398&tmod=734821863&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.haw97hvriulh&fsb=1&dtd=280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.75.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-75-15.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 9BC9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L16gJMRylGF1h_9s7xARFPDlpFUEgM0uxyiOr_nmR5VmKppkeuOtgaSHzCqulzMwAUwnBnXQA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409100&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409265&bpp=4&bdt=1377&idt=264&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=3916345261878&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=490264881&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44799955%2C44792012%2C44799581%2C44789816&oid=2&pvsid=964398651614398&tmod=734821863&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.haw97hvriulh&fsb=1&dtd=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
pagead2.googlesyndication.com/bg/ Frame D481 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 07:31:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
82114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Aug 2024 07:31:36 GMT
file.mp4
r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/6967f19e4f122d9f/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912847/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 3385 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/6967f19e4f122d9f/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912847/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/79DBE19EE487303E8C3B1D552A82F53A494E8CE2.5DA5347762A9A1A7CF0A8DD873AF8BF5AD26B986/key/cms1/cms_redirect/yes/mh/Vx/mip/2001:1b60:2:240:3247::10/mm/42/mn/sn-4g5edn6r/ms/onc/mt/1692079807/mv/u/mvi/3/pl/29/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:e::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
500c4e68f14c286487627cec4c9533b486c8a7a941e9c3e243f234ad19f7a034
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range
bytes=0-

Response headers

expires
Tue, 15 Aug 2023 06:20:10 GMT
date
Tue, 15 Aug 2023 06:20:10 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-1774721/1774722
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1774722
last-modified
Fri, 14 Apr 2023 09:33:19 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
client-protocol
quic
csi
csi.gstatic.com/ Frame 3385 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~llbwzk8u&c=5021897222359&slotId=2510948611179.5&qqid=CK3Y0d2C3oADFQLA3god3T8LuA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=749&mt=video%2Fmp4&vs=854x480&ple=1&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Funified.adsafeprotected.com%252Fv2%252F1434172%252F70774489%253Fmon%253D70774493%2526omidPartner%253DGoogle2%2526apiframeworks%253D7%2526bundleId%253D%2526ias_xappb%253D%2526blockedAdTracking%253Dhttps%253A%252F%252Fgoogleads4.g.doubleclick.net%252Fpcs%252Fview%25253Fxai%25253DAKAOjsu8_nI1slJg-9bETAWyUnMIndEBZ5MWw6fpTFeX9obfK0OGrQe85ivdqL962FbjRaFFLPpg-lm7DdtsnLSb1lEyY8kWCPYFsaNF7Rlc3Mz5do-M9GVb-o90pSMRBS9q4R9V8BdcbnnrcCw6dT1swLUdCbPPgl7fQ2S3GiapNEX8-Zo36RL-1NmrAwbGXjipf3kpEfQFM0YYUABs%252526sai%25253DAMfl-YRSVf1LkOA-GbD4CZHFNAxZiORYnAm0_M_KeVBBGzFAFIXlIM2F953LdkGBlwTwXSPPNsYfTVuvLOsjnpXHBrIrVUJeFjwBpg9mTGBoDbHn0YUpUI7CVNE0EmCThKt7HiIygo1G2iKRxRLynG8g4j9fbA%252526sig%25253DCg0ArKJSzLIsgKn1aIJBEAE%252526uach_m%25253D%25255BUACH%25255D%252526urlfix%25253D1%252526vt%25253D13%252526adurl%25253D%2526redirectedRetries%253D0%2526ias_dspID%253D3%2526ias_campId%253D1013136622%2526ias_pubId%253Dpub-3240616428100660%2526ias_chanId%253D1%2526ias_placementId%253D20224732309%2526bidurl%253Dhttps%253A%252F%252Flihkg.com%252Fthread%252F3470022%252Fpage%252F3%2526ias_dealId%253D549644393847793680%2526adsafe_par%2526ias_impId%253Dv4~~ABAjH0giFuFJ653c_lyseFmbwDr5%2526originalVast%253Dhttps%253A%252F%252Fad.doubleclick.net%252Fddm%252Fpfadx%252FN6024.328593VIVAKI.COM%252FB29808231.364634258%25253Bsz%25253D0x0%25253Bdsp_id_0_%25253D3%25253Bdsp_campaignid_0_%25253D1013136622%25253Bdsp_publisherid_0_%25253Dpub-3240616428100660%25253Bdsp_chanid_0_%25253D1%25253Bdsp_placementid_0_%25253D20224732309%25253Bdsp_bidurl_0_%25253Dhttps%253A%252F%252Flihkg.com%252Fthread%252F3470022%252Fpage%252F3%25253Bdsp_dealid_0_%25253D549644393847793680%25253Bdsp_impid_0_%25253Dv4~~ABAjH0giFuFJ653c_lyseFmbwDr5%25253Bord%25253D%25255Btimestamp%25255D%25253Bdc_lat%25253D%25253Bdc_rdid%25253D%25253Btag_for_child_directed_treatment%25253D%25253Btfua%25253D%25253Bdcmt%25253Dtext%252Fxml%25253Bdc_sdkv%25253Dh.0.0.0%25253Bdc_osd%25253D2%25253Bdc_frm%25253D2%25253Bdc_sdr%25253D1%25253Bdc_ref%25253Dhttps%253A%252F%252Flihkg.com%252Fthread%252F3470022%252Fpage%252F3%25253Fves%25253DdGltZXN0YW1wOiAxNjkyMDgwNDA5NTY5CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdVhvRTk1dmN0T1hrcUx2ZUFTNmxjbkNIZWxCRm9DWDJ0U1BnU0ppbWl6aEVZM3Z6V1J4U3I0SUxvTjZiN2tsazF5NXE1TlVJTE5HcVhUT3ctX2hJcE9mZHg5NC01Uk1RVWlWWXRDb0cxemhtOEpyOWNXUWZlZmVwUW91MUYxY0c2czdPMldKYkJXWWpwN0ZwOVdtQjhZX0pETkgydDRzbXR3YUFqMTRudWVVOTJRNjFaRWt2c2RCa2Y1NXg4a0RYN0tEaUl6dHVWT2MwbGNuMnNUZ0tIR1NHMHo1a0s0d193SU83ZXdKZzV4OHdFYS05d2ZwRkI3b3YwQ0JiZTVPbFhpOV9WZ1VESzdhWDYwVHhZbzRYODhnWUhPY2xXVkFMZXdzakdMaVNsWTU5LUV6V3NiNXFzWVpiNlFZNW80dHlhajNfWmRYSEpDRTZSX1dxbUNKZ3RYWFF0M0pnN2ZMZjBoeFAtUVBIN0g0YWI1Z054dkRuU2dSTUxLaEhxcUdiQVRRQmVFTnkzZnd6bVd4dlFWWkNRTGpZbGJQdWw3bXFzQzU5VWNZWnBvckZjSzRBei13VzVCV3lxc0Y1MXRqZ0QzN2NyazU5VE9lS3JsUElUa3I1WG4yWm1fd0cybnctUy1BNDBXVDFuM3U2V3VjdllOaHlNOEotQ25JYmx5SmhON2FLenZabzBTWkpXS3lfTlVsY0ZDZGhMQVhINU9laTExOWRWX05kN3QtZDVBRXItT3ptREctSnN3eHFGSU5hSUhPNXZEdFplMVZoXzdlX1lRNFdwMGdLSDJVb0d6SFNnU252UlB2bWRwei1qdzBLakgteXFscS1qTHhudF9DVktOQ2pybnBFQk9pdkpJTTl3eWxNZnVUcmMyU25leFN1c2R5M2VaTUpONU5XaVhYRFY2am5nLUx0V2lYTTVUVlp6WHhXV3BXU1d6ZEMyZmpweTA0c2l2MFE0ZzFoOVZNWldaOHNVbzNpUWI2dDE0aXpnRkpTcWRieVUtTEw0Zk5PNVZiQnVIdEN2bnBkcTU5emdDWHJ6bVZMemlRa0V1QlJPSmU5TmRacjIyWEFDSk1hV015WjE2SFFGWUxGb21pRm4zN09BSEJ1akNXXzRNNlVqLUpuQmtvb29YOHdqQ0hLdkw1RVF2NEQxVUhWdVUzWVlnYU1JRDhYNGdFN0JvdHI3VGw1VlZFWlZGQlFMYUlYWlNESF9CcTdTT0xxa1JOWmVvY1RNRF9wd2Nya0NyMUlnTjdhaXVTWFVCQnhucEktdEFRNUo5d2ZuLXlGNzlCU0VvVUNUQUhHWHBQUmt5YzVEczU5RFVyWmpCT3VPeXEyT0tEbVZhMmtNd0FTRkVFQmxzSUFpQmxlN3p6QnVOcDU2aXY5OThXRzZicXZUYnFoQWRTNVlTei1mR0JjQW92RnpYenppcE1SVzU5ZGd4X1c0SmpBMXpETHBRSTVfdmpsbzVsTWlGM0trSDJuQ01xZEhyT0h1WXBoUUNqcFVIVnJDdHo4T0xfNWlyeWVqRFNmcVRaTDNMTVU2aVNiald1d0VsM0hRRWJJYnR5cFMxWWIyemNiNmIxdHBCM0lRQmNEeDlsY0lSamdmY1E3WnBDWloxdzVXTmNKcF9zUGVnQTFlcW8xWF83RGtYUVpkSXVBRGFhLTczWXpSMlJaZ1dLcWc4WFhLQ1lnUzg0MExIeTE3WWFfYmtHZnd3UDVseFhKUnFxMjRXUEJkT0pOcFFGblo3OHQ3aGhMV1JQak94VHEtUTYtUkh2VDE5amE3Ri1vTHNad3h3RUNsMHlPODI1cm9oWjl3emxXSk9wT0dWQm4wVnpINDN4N2h0TUFJQnB3JnNhaT1BTWZsLVlUV2MyS0FNSGxNejllUER2VTVhaUs5MFBrN3hycjZYVUtDR0lYdjhBMnRYQUtfMWt5YWhweHh5aVoxRXhUN2JtUUN4VU1NYzVhLUUtLTJRTlRWTEliTm8xVURpbVVkbzJMLWdMZ0RXZXFzZ29zbjBZSmJ4OUgzdl9Fb05FQm1lT3lydTNtRXV5WU51eW1fODkxYUpHSUNlbFlWaVUxbEtrd055TnBGbF9NcURsVVUyTmZvYmZ0U0JtOThNWmNodzlmSjlvUVNoekRNdUZsaWREblMtU2dTbVU2M2hpSUdWc3NDVWItR1QtT2ZnVVJIQ2hvSmU0VUpTcEE3Smgxemp0OUNDMnBKcHd1czJjVDMyOEJCMmlvTjdqeWFta0lFMDFJOWJTajRsaU41TlpqcjdqYUlfMEczY1BwYVFTeUt3MGNEWXg1NDRhaHY0OHJ6bGc4SVpyeEpIdmN3YWtSejFrX1Vhbk44UjE0Slh2ZjVWTnhjNklRVmNsMCZzaWc9Q2cwQXJLSlN6SHBYS1VYOGNiNXBFQUUmY3J5PTEmZmJzX2FlaWQ9W2d3X2Zic2FlaWRdJnVybGZpeD0xJmFkdXJsPWh0dHBzOi8vd3d3LnZpc2EuZGUvZGViaXQuaHRtbCUzRnV0bV9tZWRpdW0lM0RkaXNwbGF5JTI2dXRtX2NhbXBhaWduJTNEdmlzYV9kZV9meTIzcTNfdmlzYV9kZV9meTIzX3ByZWZlcmVuY2UlMjZ1dG1fc291cmNlJTNEMjc4MjMyMyUyNnV0bV9jb250ZW50JTNEMTkwMjk1NTA0XzU1NTc4MDkzMSUyNnV0bV90ZXJtJTNEMzY0NjM0MjU4JTI2ZGNsaWQlM0QlMjVlZGNsaWQhIgo%252526dc_cid%25253D190295504%252526dc_adid%25253D555780931&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1004::78 Fort Worth, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dr
as.ad4m.at/ad/ Frame E036 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jw12j2kg98x3tssb7dcjv6r45kx35yxehkn793cf7dxv691dtxp7gpacs9mxew8aemk6t5zrctd3h80cyew9x6r2skbtx9veyf6qmrh4kk5sjcxc0436kjcce0157jt3s5sdnc3hxtr7n4632gq1985vwzr1wq7e0n0tfkpz0ppwvygrb52jwkkach20dqb80djqy8b7xks29s7fn6shwpe66gta3xe3e0ny8chhrtb6v8b6448p4skagmjrh6b6qswnexbm2tgcsqe8ckz0j537q1fth7sbn07nd2x6jx7arhc7ec4b84cycrctyt9c4132d20wd9431pyt07agn2gdanmecs47pc9grswk5xxv873016kzet2pyffca4877hkdr2vqjhrphp87fn4y6p78zp4r717r1anpxtz1vzwr0ehc07zwmbz0f44mtfmk4n87zanqe20&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%26client%3Dca-pub-1983042674979462%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409032&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409246&bpp=3&bdt=1359&idt=258&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=2348983626704&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=785304189&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31076837%2C31076876%2C44799579%2C44789816&oid=2&pvsid=4231817946788915&tmod=1468571350&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.zbkmca78uwj7&fsb=1&dtd=273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3be6e4d08cda1d9f7bcf4ddce4628247d2d63939637e384a1974ae174478174
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f6f5483cad639ec-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 06:20:10 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame DBDB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409032&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409246&bpp=3&bdt=1359&idt=258&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=2348983626704&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=785304189&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31076837%2C31076876%2C44799579%2C44789816&oid=2&pvsid=4231817946788915&tmod=1468571350&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.zbkmca78uwj7&fsb=1&dtd=273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 14:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
57017
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 14:29:53 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9892 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409032&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409246&bpp=3&bdt=1359&idt=258&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=2348983626704&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=785304189&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31076837%2C31076876%2C44799579%2C44789816&oid=2&pvsid=4231817946788915&tmod=1468571350&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.zbkmca78uwj7&fsb=1&dtd=273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75063
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 09:29:07 GMT
etag
48472445140208031
expires
Tue, 15 Aug 2023 09:29:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame DBDB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409032&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409246&bpp=3&bdt=1359&idt=258&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=2348983626704&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=785304189&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31076837%2C31076876%2C44799579%2C44789816&oid=2&pvsid=4231817946788915&tmod=1468571350&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.zbkmca78uwj7&fsb=1&dtd=273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 14:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
57017
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 14:29:53 GMT
l
www.google.com/ads/measurement/ Frame DBDB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqU4_J2v3T1xFNHd79xb2hpGZisfPTd06-a7r6-LdsPD5KbIWc-oqmgfvtqnBmYR3X3yhRK9Mh4HWHyoBTvlU1mBj1NQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409032&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409246&bpp=3&bdt=1359&idt=258&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=2348983626704&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=785304189&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31076837%2C31076876%2C44799579%2C44789816&oid=2&pvsid=4231817946788915&tmod=1468571350&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.zbkmca78uwj7&fsb=1&dtd=273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DBDB 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409032&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409246&bpp=3&bdt=1359&idt=258&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=2348983626704&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=785304189&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31076837%2C31076876%2C44799579%2C44789816&oid=2&pvsid=4231817946788915&tmod=1468571350&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.zbkmca78uwj7&fsb=1&dtd=273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 06:20:10 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 6229 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3457
x-guploader-uploadid
ADPycdsbbnt5NrGD8XWC9mz7OThy64CUbvokcgdlXT8JWFSQN4ce5RerNBbtgxA17hV5xErngQFpZk-j06mXgsBB8zaIBw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4yzqZMuJMpfBcIPNBypUmINM5S%2F8K4M7VVh8t0LJnGvSdcPWJ%2FoZbNdAgWIH4ay1%2BsjdYXb342zBhbUjlYl16vQ%2Bh1ONUmymHaNv3xc%2Bq5apsjv3smPAq4FApJ9L%2Blm6z1Jvhgzp8veXYk5y3siu1cL"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7f6f54842d7d2bc5-FRA
expires
Tue, 15 Aug 2023 05:59:45 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame E80D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3457
x-guploader-uploadid
ADPycdsbbnt5NrGD8XWC9mz7OThy64CUbvokcgdlXT8JWFSQN4ce5RerNBbtgxA17hV5xErngQFpZk-j06mXgsBB8zaIBw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHhl8Mz%2BOdcp1lXbTFvAztuRb0Dhtkm2xxXPQ7iaOat03XE%2B83mJSoPgSc7HljLlS2%2FlmFyVxqTcuFqy0VKgSjC2%2BAp%2F5%2Fd8Yodd8fpuR7YnMQAahgtW8IoGnSpVqsVDstc%2BfQhvPIi4ZuQHpBjr9R4%2B"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7f6f54842d7e2bc5-FRA
expires
Tue, 15 Aug 2023 05:59:45 GMT
frame.html
ad4m.at/ Frame F29F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1444696
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7f6f5483eae939ec-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 15 Aug 2023 06:20:10 GMT
expires
Sun, 09 Jul 2023 00:24:59 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoZXAzwtv6qtiZnGsNSbC1m9d9epTb%2Fu%2B%2FQQG7ceHA2MseILkxryLVODzfJbDsuoEVoZnxAxHh2Ae0sY1VBbuPISjGeNECaJmo9j9G1%2F20rQSqm5xn%2F1kmENj72%2BaFr9YmQBWSQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame 78AB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1444696
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7f6f5483eaeb39ec-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 15 Aug 2023 06:20:10 GMT
expires
Sun, 09 Jul 2023 00:24:59 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PyvGFC7KizGk5i29hJziEMeDmQX%2FTRdrhMfSTZaJ2RcYPpDychD37YYKWfkJKsT0uMoRVIMZFziPXn1GrPfx9CaWwm4ehol6%2BlrSi0X2i4Ah5YRQ331OHI1Q2vzaidptKRt8lg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
generate_204
tpc.googlesyndication.com/ Frame 2ABF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_rv8RA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame E036 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jw12j2kg98x3tssb7dcjv6r45kx35yxehkn793cf7dxv691dtxp7gpacs9mxew8aemk6t5zrctd3h80cyew9x6r2skbtx9veyf6qmrh4kk5sjcxc0436kjcce0157jt3s5sdnc3hxtr7n4632gq1985vwzr1wq7e0n0tfkpz0ppwvygrb52jwkkach20dqb80djqy8b7xks29s7fn6shwpe66gta3xe3e0ny8chhrtb6v8b6448p4skagmjrh6b6qswnexbm2tgcsqe8ckz0j537q1fth7sbn07nd2x6jx7arhc7ec4b84cycrctyt9c4132d20wd9431pyt07agn2gdanmecs47pc9grswk5xxv873016kzet2pyffca4877hkdr2vqjhrphp87fn4y6p78zp4r717r1anpxtz1vzwr0ehc07zwmbz0f44mtfmk4n87zanqe20&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%26client%3Dca-pub-1983042674979462%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jw12j2kg98x3tssb7dcjv6r45kx35yxehkn793cf7dxv691dtxp7gpacs9mxew8aemk6t5zrctd3h80cyew9x6r2skbtx9veyf6qmrh4kk5sjcxc0436kjcce0157jt3s5sdnc3hxtr7n4632gq1985vwzr1wq7e0n0tfkpz0ppwvygrb52jwkkach20dqb80djqy8b7xks29s7fn6shwpe66gta3xe3e0ny8chhrtb6v8b6448p4skagmjrh6b6qswnexbm2tgcsqe8ckz0j537q1fth7sbn07nd2x6jx7arhc7ec4b84cycrctyt9c4132d20wd9431pyt07agn2gdanmecs47pc9grswk5xxv873016kzet2pyffca4877hkdr2vqjhrphp87fn4y6p78zp4r717r1anpxtz1vzwr0ehc07zwmbz0f44mtfmk4n87zanqe20&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%26client%3Dca-pub-1983042674979462%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
500821
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pY07S2zZ5sbTiT%2Bfnt4TL%2BE02pd5JDDfUEJVmSzOwG1wTWQ2AFnllDM5rX7%2FYQcyZ9JjwDm4PCjbSa8Zh8Jt50RGU2eARcsjWigvB2tYQDz2ie3oyAsYSyHXAk%2FoKfbXiJEJQactSi0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7f6f54844b5739ec-FRA
expires
Tue, 15 Aug 2023 07:20:10 GMT
r62eglto.js
ad4m.at/ Frame E036 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jw12j2kg98x3tssb7dcjv6r45kx35yxehkn793cf7dxv691dtxp7gpacs9mxew8aemk6t5zrctd3h80cyew9x6r2skbtx9veyf6qmrh4kk5sjcxc0436kjcce0157jt3s5sdnc3hxtr7n4632gq1985vwzr1wq7e0n0tfkpz0ppwvygrb52jwkkach20dqb80djqy8b7xks29s7fn6shwpe66gta3xe3e0ny8chhrtb6v8b6448p4skagmjrh6b6qswnexbm2tgcsqe8ckz0j537q1fth7sbn07nd2x6jx7arhc7ec4b84cycrctyt9c4132d20wd9431pyt07agn2gdanmecs47pc9grswk5xxv873016kzet2pyffca4877hkdr2vqjhrphp87fn4y6p78zp4r717r1anpxtz1vzwr0ehc07zwmbz0f44mtfmk4n87zanqe20&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%26client%3Dca-pub-1983042674979462%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
568184
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DQWera%2FECMI6oRRQbXRxtLIHuRIl%2FT7Ghj3Z1i%2Fy69kbbpeEUvFbFp1Kh0SUsJSO6iO3mQ4BxjRj%2FrOs6keUVllLCdd4Xxf7wGFvdt7YK%2FuVHG98ZOqQobpnb3mtUf2uYNcFxU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7f6f54844b5939ec-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 08 Aug 2023 16:30:16 GMT
truncated
/ Frame DBDB 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f3e61802eb3f91d0f2613e9d31c685fe0b3e5cc232074bbf707fea72b6ee947

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9892
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP0deGx7qGgQCVBjDzEvYiU&google_cver=1&google_push=AXcoOmT4LQVXXcVNYQazww8bRVdkMveJiRs8pwsstK6bW14ypTu2yujx8Jk3kTImb_aqn36KdlikNFywwvZuEY_x0PUUZGEJHHtqZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NjkzMTEzMjA0NDU1NjUzNTY1NQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP0deGx7qGgQCVBjDzEvYiU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP0deGx7qGgQCVBjDzEvYiU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409032&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409246&bpp=3&bdt=1359&idt=258&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=2348983626704&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=785304189&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31076837%2C31076876%2C44799579%2C44789816&oid=2&pvsid=4231817946788915&tmod=1468571350&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.zbkmca78uwj7&fsb=1&dtd=273
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 15 Aug 2023 06:20:09 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP0deGx7qGgQCVBjDzEvYiU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 9892 		43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESENaTplHjfrMuhiSnh_WaHck&google_cver=1&google_push=AXcoOmR0k2fyK4atJyVrlsYz-xW9P9bIoA9X6aQbZYlZ2YAmtw-Rxlc7qmxFRU04wosec-B-EhejogT-U1jrw7wfKarNwSf38M_zwEWocJk_HeNovOzaBEbeE-0o_Dnhl84tMmXVVcwjQBzoNa71YSCYkiJx&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR0k2fyK4atJyVrlsYz-xW9P9bIoA9X6aQbZYlZ2YAmtw-Rxlc7qmxFRU04wosec-B-EhejogT-U1jrw7wfKarNwSf38M_zwEWocJk_HeNovOzaBEbeE-0o_Dnhl84tMmXVVcwjQBzoNa71YSCYkiJx%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409032&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409246&bpp=3&bdt=1359&idt=258&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=2348983626704&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=785304189&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31076837%2C31076876%2C44799579%2C44789816&oid=2&pvsid=4231817946788915&tmod=1468571350&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.zbkmca78uwj7&fsb=1&dtd=273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7f6f5484fdb0bbc1-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9892
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk5zWkdRQUlxZzZEc2dBTg==&google_gid=CAESECAd3SITeZ1Vm7UV_Yf-mLg&google_cver=1&google_push=AXcoOmRKNjgYaR_PuH1y09vUOutnadns6S...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk5zWkdRQUlxZzZEc2dBTg==&google_gid=CAESECAd3SITeZ1Vm7UV_Yf-mLg&google_cver=1&google_push=AXcoOmRKNjgYaR_PuH1y09vUOutnadns6SlSgJh6-xJHwC4NlC0DIS5Y2E0qkTv47Nsue5xwp51D_N30GzkYFGSupRgUfG0Da3U14t92ZlESqMPR-DBIsmQ6axWjM68Zj1QeTYMw5uQ6yxAPLbt-UDxn-DE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409032&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409246&bpp=3&bdt=1359&idt=258&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=2348983626704&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=785304189&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31076837%2C31076876%2C44799579%2C44789816&oid=2&pvsid=4231817946788915&tmod=1468571350&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.zbkmca78uwj7&fsb=1&dtd=273
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230058-FRA
pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
via
1.1 varnish
server
Varnish
x-timer
S1692080410.397724,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk5zWkdRQUlxZzZEc2dBTg==&google_gid=CAESECAd3SITeZ1Vm7UV_Yf-mLg&google_cver=1&google_push=AXcoOmRKNjgYaR_PuH1y09vUOutnadns6SlSgJh6-xJHwC4NlC0DIS5Y2E0qkTv47Nsue5xwp51D_N30GzkYFGSupRgUfG0Da3U14t92ZlESqMPR-DBIsmQ6axWjM68Zj1QeTYMw5uQ6yxAPLbt-UDxn-DE
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
x.bidswitch.net/ Frame 9892 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEA6lQEKDo84ucq_rOGSpjC8&google_cver=1&google_push=AXcoOmT4tt8vHxkYc0AC7Nk-v8zfjBOHjpYCqsvOFyxa4vicKKuRHNvPxYB1_GOmoPDpeZP9WZO0CV6NVmoVozaZxKOwST5fL4gCEWlinGikJtk_sWuVHtiQzcklbBSGGIXp-XQGM_dVqfGX2Y1YGEA_yOt5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409032&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409246&bpp=3&bdt=1359&idt=258&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=2348983626704&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=785304189&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31076837%2C31076876%2C44799579%2C44789816&oid=2&pvsid=4231817946788915&tmod=1468571350&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.zbkmca78uwj7&fsb=1&dtd=273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.75.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-75-15.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 9892
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBSEggadM7vjvYjtNWVtbbw&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBSEggadM7vjvYjtNWVtbbw&google_push=AX...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBSEggadM7vjvYjtNWVtbbw&google_hm=ZNsZGtZ7PwgcoKjQXiGMgwAADMIAAAIB&google_nid=index&google_push=AXcoOmRX-ZiJvH0R3XspRydRWwKvHyjtYqJ_C...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBSEggadM7vjvYjtNWVtbbw&google_hm=ZNsZGtZ7PwgcoKjQXiGMgwAADMIAAAIB&google_nid=index&google_push=AXcoOmRX-ZiJvH0R3XspRydRWwKvHyjtYqJ_CioQ0YDYaaUXaev0SSAPXqsuSoSGSnbnI0-cZOEmTMctEULbe1m9dtwlNXnQa3SS1eHiDdYyz2Bmvw6JTCUiASE3JeyNI-Gcz4WhEi5FaQIKYTWahYINYPKN
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409032&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409246&bpp=3&bdt=1359&idt=258&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=2348983626704&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=785304189&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31076837%2C31076876%2C44799579%2C44789816&oid=2&pvsid=4231817946788915&tmod=1468571350&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.zbkmca78uwj7&fsb=1&dtd=273
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2Fk%2BAaq8k6cx%2BALFpRDLWhH5ThNzeSu9zKMbhMIgVbnHN2ThpFm35habvzUnS5cDVmZmDyzqn%2BhoeI0mAn5doZ48oGFoNwcaSc%2BKRUZbBWg8AkwU4eFioV4G0iIq7wa0CXTtwIOtO6FCIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBSEggadM7vjvYjtNWVtbbw&google_hm=ZNsZGtZ7PwgcoKjQXiGMgwAADMIAAAIB&google_nid=index&google_push=AXcoOmRX-ZiJvH0R3XspRydRWwKvHyjtYqJ_CioQ0YDYaaUXaev0SSAPXqsuSoSGSnbnI0-cZOEmTMctEULbe1m9dtwlNXnQa3SS1eHiDdYyz2Bmvw6JTCUiASE3JeyNI-Gcz4WhEi5FaQIKYTWahYINYPKN
cache-control
no-cache
cf-ray
7f6f5485ba41bbb5-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
-
s.ad.smaato.net/c/n/// Frame 9892 		0
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBW2sszdoAwoBVBrqeUr-4A&google_cver=1&google_push=AXcoOmSgVncY_5pe-dket1mmpQuXTZ5fVIwcOuIWXJgoBPvpgmZHBaeAfbhWPYt17OjZRR2yrSgwSCmYjSkPpRq-bUWklPk49iDVsteztbqz32kr1Olmq7rc67Oh_KSrhcJCR2cXHmrjV2mXeb6c3IYXz8gw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409032&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409246&bpp=3&bdt=1359&idt=258&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=2348983626704&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=785304189&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31076837%2C31076876%2C44799579%2C44789816&oid=2&pvsid=4231817946788915&tmod=1468571350&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.zbkmca78uwj7&fsb=1&dtd=273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:7200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cache-control
no-cache, must-revalidate
via
1.1 1559f99ec21d6c3066e5715e5c06aa76.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS1-P3
x-amz-cf-id
cFi6Ty4iwt8zS9Ar5gn8SsDmqB_z84mOmYAc3bOId0zP1DvjO2_mDA==
x-cache
Hit from cloudfront
pixel
cm.g.doubleclick.net/ Frame 9892
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
  • https://sync.targeting.unrulymedia.com/csync/RX-32dc504b-8510-48f7-b414-439fc78fdb71-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRAaK0wDqek4HNu0R-Ws...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRAaK0wDqek4HNu0R-Wsttho-EqeGsHovItRJUzWVRZQ_iZI28RsW-MJvctTQXGhPXFEPHqi4TsOUfnwp-uloprheKCZvJPofi7X6GSCkdYcQElyQDL-nCSEVqTU5aM6Yfu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRAaK0wDqek4HNu0R-Wsttho-EqeGsHovItRJUzWVRZQ_iZI28RsW-MJvctTQXGhPXFEPHqi4TsOUfnwp-uloprheKCZvJPofi7X6GSCkdYcQElyQDL-nCSEVqTU5aM6YfuAbAjAIcQnoXto9Pu-2Y&google_hm=AzLcUEuFEEj3tBRDn8eP23E
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409032&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409246&bpp=3&bdt=1359&idt=258&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=2348983626704&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=785304189&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31076837%2C31076876%2C44799579%2C44789816&oid=2&pvsid=4231817946788915&tmod=1468571350&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.zbkmca78uwj7&fsb=1&dtd=273
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRAaK0wDqek4HNu0R-Wsttho-EqeGsHovItRJUzWVRZQ_iZI28RsW-MJvctTQXGhPXFEPHqi4TsOUfnwp-uloprheKCZvJPofi7X6GSCkdYcQElyQDL-nCSEVqTU5aM6YfuAbAjAIcQnoXto9Pu-2Y&google_hm=AzLcUEuFEEj3tBRDn8eP23E
date
Tue, 15 Aug 2023 06:20:10 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX32dc504b851048f7b414439fc78fdb71003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 9892 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kskp7luzQz1hg0dLc8hsEowKlrodalPN6-1jPCCkTTvfclHQV3XwGIuBBfFaN3sSJ7gZcr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409032&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409246&bpp=3&bdt=1359&idt=258&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=2348983626704&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=785304189&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31076837%2C31076876%2C44799579%2C44789816&oid=2&pvsid=4231817946788915&tmod=1468571350&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.zbkmca78uwj7&fsb=1&dtd=273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
googleads.g.doubleclick.net/pagead/ Frame E6DF 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFaXKGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTcAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZUqH9OWtKk0HHyJxilHwA9SSuea2863MzhBbYgpOXUontCiJ1I-iABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xOTgzMDQyNjc0OTc5NDYyGIa6JA&sigh=LrLm398iQwo&uach_m=[UACH]&cid=CAQSPABpAlJWhUlnJctn4tcvn7psDR7VakK9UAQYzNsjYGqZ98c6eD0onqhBi3njZJA5CzS7SwKMAFLkqWDLlRgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409014&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409174&bpp=3&bdt=1290&idt=210&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=259005268492&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080409&ga_hid=202743654&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076836%2C31076964%2C44799571%2C44789816%2C21065724&oid=2&pvsid=4327037523449845&tmod=1074106898&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tdjs3rj8l6j3&fsb=1&dtd=222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409014&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409174&bpp=3&bdt=1290&idt=210&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=259005268492&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080409&ga_hid=202743654&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076836%2C31076964%2C44799571%2C44789816%2C21065724&oid=2&pvsid=4327037523449845&tmod=1074106898&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tdjs3rj8l6j3&fsb=1&dtd=222
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 15 Aug 2023 06:20:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame E6DF 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hs0kpndj9xzf3caz8pyd7r4hnhf2vaamewadaeaz1917n3vhrcqn44masz4h5wka0j9gcss0j3h437d3zc28wg35s8zmrpc5974vj2he5pcft2p6zbaragg9vb1870gz6y25qr2zyvj487dkam8zyse6htw82qzcemre3x0ky3r6m4fsrj6s6wd24m0qt9z8y2ncyw5zbez8fy61y47x0rjzwv6c5wdzy49faccgp3y8078s44b8kstap2c6g8ejt42he9x1zw01yfekap1nkg5hktbqhf3yr7n28g8ay7p7brnhht3fw4x3hpf9rdn3bax0cep0fak0zh8s00a4vhw515gxs89nws5pg65nwbavwk01fpj6rtg8ern274hb5fdvvx4fs06bqck&b=ZNsZGQAHMRYFKODFAAp99-zLO_x6N0rcCXvcoQ&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409014&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409174&bpp=3&bdt=1290&idt=210&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=259005268492&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080409&ga_hid=202743654&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076836%2C31076964%2C44799571%2C44789816%2C21065724&oid=2&pvsid=4327037523449845&tmod=1074106898&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tdjs3rj8l6j3&fsb=1&dtd=222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 15 Aug 2023 06:20:10 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
adview
googleads.g.doubleclick.net/pagead/ Frame 8438 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CEmFPGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1AFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9ckqGXkoD24rbPQxjE3kuW48VicL4nDLrRk1PlFm7o0HRO_cwF73oAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTE5ODMwNDI2NzQ5Nzk0NjIYhrok&sigh=IP6gA9kcEJM&uach_m=[UACH]&cid=CAQSPABpAlJWB-MMpX4SerZN90NPkit3mFWdguYv2oO4VtwDQ3wgqt5A4-CreyZYB3VNw_vcnPMTCCNx4e1o0hgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409100&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409265&bpp=4&bdt=1377&idt=264&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=3916345261878&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=490264881&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44799955%2C44792012%2C44799581%2C44789816&oid=2&pvsid=964398651614398&tmod=734821863&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.haw97hvriulh&fsb=1&dtd=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409100&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409265&bpp=4&bdt=1377&idt=264&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=3916345261878&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=490264881&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44799955%2C44792012%2C44799581%2C44789816&oid=2&pvsid=964398651614398&tmod=734821863&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.haw97hvriulh&fsb=1&dtd=280
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 15 Aug 2023 06:20:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 8438 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gtcj1ry5y4e23kdw6fkdn5j0aazzwjrn3ec6j2t797ps1ya9qxch7g5e61jfh3hkvd6b3k4xf8z5gh8ctf6bq72c2cc4k5kbj788dd9eyd17qx8a022zxbw4bd8b16pxq1mwg65n0hd43vx08j7en3hka1ktqt7c64pk2b0gh1sfxzcqjccp5p69jqsnxcgvp69bmc3gf4z5xy9vzd27ankqxhgfernte4f8xrjvhs8rk3dk871pdjq12kwegrhyzymwwq9f77dxh0vw3wkyr3p85vr3417mj7whjw7ndsryh93wvhvxg1vv0axmznthnd7rqff3nmjw0pn1xesy4gvh485c8avg4s8pre3dfztcxe7ym6kc3dpdj8xytcnrjpd0seb11br9t1g&b=ZNsZGQAJc0AITzk_AACTn53zYsQmqeD-OmNAgw&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409100&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409265&bpp=4&bdt=1377&idt=264&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=3916345261878&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=490264881&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44799955%2C44792012%2C44799581%2C44789816&oid=2&pvsid=964398651614398&tmod=734821863&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.haw97hvriulh&fsb=1&dtd=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 15 Aug 2023 06:20:10 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame 7E90 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230810&jk=4327037523449845&bg=!7e6l7rrNAAaiGN5Pghg7ADkAdvg8WoO7V9qDPXpR4QJTTwDMLBlRRYqDZiR3LYblio0kl6cCognUQI9b4mBYyY88dK2IKigYcIgCAAAAb1IAAAAHaAEHCgDAfgSJ0zlZKEj0Hn5tMp5jmB0WmupEKhJJxrtz2YZXDpdr0F9qFGvTeLrKYXvPDkAJu4v8QYkO_O-dzWA_hUZnwF990EB1tvJTB4toRkRxC49ENwznjr-hwKUXJLX-42Mg2oeJcdoMsSedqLZAsGsECHzlskydHjd1nfKAi86WxTiyE4v7vyut43HNDboXELsqpDAugFweUN47Qibc99pXSUVzsFrnfvhVzABsx4Gw4R0Z9mXVDZ5WKGzqmCd7BgW_mQLKq0I7fhFvbFJoEgNArg9vRxEY8IfC6_zq5jEL3-m-C22PEfIaBeAwRn_zZXe9G1W65e9kmY2jfTiWFEMOzCr1EKbXMXsfFhIWolMqtVRKhVOTBnY_ObyGrfgcLWun0H0-D0W4LbZz_rSKWS2yMYX4TEHjaLEaTWk13M3q55GHVdqmkqwKCHTw2ZsutyFLJzLZ5uXFfVxKYzkWbkQhh2UG6rJnxI5YsY4Uo8m4e65YS-YI6cMKA2BjCCcBijMGP_X1dCiMHAWntSdrAvU6pC3Fo4XKoUnjgwcygB8z3q7KG1nK6yipLNoRqkaDsXa7MjQN93BQAZjUI8o9c7RkkN8sCwAojwFlNBwKaNm4_SOpukQDku2BckJfrUAxbe5wHwmsORQp6ZFLE-g_IRJq4Aztf6WkeqBUyFMRgDxiv3eYC-VT3oTKYynLeFmZ0WfG3sVJuOkv2n6aT60QUatA70YdHUcW4ZHO_C06bYmPAyh2O82Oo3s_VHE9Qj4ePy9U7nhqOcJfgRFwqQoTTPbD2gXpdGJe6yp2pn5t9IUknir0ifVGre-F9KGDB7P7ZyNbsD8SBEz5YKMrvrOAW8GEF0SyXNooLMNj7hYIPMlptiApShRL86rXCBAoMOSCOVEnJmpUQ3EvqGPTFTVy1eB20-d5PBuk6f89XBcqHFSTobQ7Q0V1IGJm_h35GGxTlx05_iQDA2uDToj-HoylM9CPbAlfQ4pY2ALq96NoKllIP8q-XJL429ot-ZXikbQwziELWNkvmBwJHIX42nHkIWJKD4ekYDXvkQFLpoykMV_5b0tmJoqnCLXXlZMnrbNg9AfGPGfus96Z14T0iytA9js-Wly9jWGMJ8S3Yr964BW7S-TjOB-Y2G469EZoP7hqbHKFQ3m7jDLsfCPWaNexZYepVbwh4wHMdy_0TXlprF_-zPxjJbH3_xpJgO4sQ3jo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame E036 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3457
x-guploader-uploadid
ADPycdsbbnt5NrGD8XWC9mz7OThy64CUbvokcgdlXT8JWFSQN4ce5RerNBbtgxA17hV5xErngQFpZk-j06mXgsBB8zaIBw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCk5GohYHCkZll7HhuOVW%2BqsVn6cMq5M1arFSFtT%2BnZeBIIFMFBIyyjrKr%2FP9qMHTAl3VRUf5WVTYvi5pht7K5I3MmSfK83%2BcLKbNqNDNyIRwdzfjmRGm4pV9LePmEyYWfb%2B0qlVSCUl0H5SwoKzUvjf"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7f6f54852ea72bc5-FRA
expires
Tue, 15 Aug 2023 05:59:45 GMT
dt
dt.adsafeprotected.com/ Frame 3385
Redirect Chain
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ...
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=cb308c0b-204b-4bf8-b5ae-56b3356caf2b&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...
43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10173&asId=cb308c0b-204b-4bf8-b5ae-56b3356caf2b&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Protocol
H2
Server
2600:1f18:1aca:4281:e148:1293:6d53:b2b9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Redirect headers

Location
https://dt.adsafeprotected.com/dt?anId=10173&asId=cb308c0b-204b-4bf8-b5ae-56b3356caf2b&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Date
Tue, 15 Aug 2023 06:20:10 GMT
Connection
keep-alive
Content-Length
0
Vary
Origin
Content-Type
image/png
dc_oe=ChMIwNb43YLegAMVKF2kBB0mIw9SEAAYACDQ295aOhkIkfXfZxCr9_bAsAQY7vmM4wMguJid9eoRQhMIrdjR3YLegAMVAsDeCh3dPwu4;dc_rmcid=CAQSPABpAlJWsYKXkeLee26l99NnSWPbblckEKxb84wnMdv5_s2gvZUX_drgkxcmHF-d16LnyITMy...
ade.googlesyndication.com/ddm/activity/ Frame 3385 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwNb43YLegAMVKF2kBB0mIw9SEAAYACDQ295aOhkIkfXfZxCr9_bAsAQY7vmM4wMguJid9eoRQhMIrdjR3YLegAMVAsDeCh3dPwu4;dc_rmcid=CAQSPABpAlJWsYKXkeLee26l99NnSWPbblckEKxb84wnMdv5_s2gvZUX_drgkxcmHF-d16LnyITMyzAsAouxSRgB;eps=CIDhgBAQARgdMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D9%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D466637042%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1692080410424;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 3385 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CxZlrGBnbZK3sN4KA-wbd_6zAC5z7wM9xuJid9eoRv-iivcABEAEgxqWvPGCVgoCAsAfIAQWpAgk1wegDTrI-qAMByAObBKoEhwJP0BOIYBM9A9SrXuYpk1IKsxf1aeb5Q9_PbBvHlP9SAS8v2CwxQxbeenJOx95d-EOJKEClnzS8BIsTGdh8XtdbLZzvdC8QQ1-goU4f4wHP7sqzsKT6z6myEvRNED4Vlc-N2op00hYGMPhNhW07EgkJNRcg8JXAJeyaPbP0t6E6HMR4IfPo-Mg9dNFdDSALOrUcwi7xTfqgWPiADKNCdpOMGRJ2Y23RHwyZi0OU4pcmnbdPicivkP2nVIt7J2BK4lswQB7Iif8eDb9AnIEaQPi4JpITiTRUVs2bwYTlsOP-CK80HA5higIZWZvdFkV8f3CQSukuXl94uQ1tGGxWl2KM1Jdhd8GT_MAEq_f2wLAE4AQDkAYBoAZOgAfPv8FnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAgqBgoEw7CxAqoNAkRFyA0BsBOYwY0UyBPu-YzjA9ATANgTCogUBtgUAdAVAfgWAYAXAegXBQ&sigh=Poapph1FTZQ&label=part2viewed&ad_mt=10&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D9%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D466637042%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1692080410424
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 3385 		43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 02:28:59 GMT
x-content-type-options
nosniff
age
13871
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 02:28:59 GMT
pixel.png
unified.adsafeprotected.com/ Frame 3385 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vMDE2OWY4NDhmNzQ4MGYxODZhYTlmNmM3OGNiMjNkMTYuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTQzNDE3MiIsImN1c3RvbTgiOiI3MDc3NDQ4OSIsIm1vbml0b3JpbmciOiJmYWxzZSIsInJlZ2lvbiI6ImllIiwieHNpZCI6ImNiMzA4YzBiLTIwNGItNGJmOC1iNWFlLTU2YjMzNTZjYWYyYiJ9LCJ0aW1lc3RhbXAiOiIwMDAxLTAxLTAxVDAwOjAwOjAwWiIsImhlYWRlcnMiOnsiaGVhZGVyMTAiOiIyMDIyNDczMjMwOSIsImhlYWRlcjExIjoiRENNIiwiaGVhZGVyMTIiOiJhZC5kb3VibGVjbGljay5uZXQiLCJoZWFkZXIzIjoiR29vZ2xlMiIsImhlYWRlcjQiOiI3IiwiaGVhZGVyOCI6Imlhc28iLCJoZWFkZXI5IjoiIn0sImNyZWF0aXZlSWQiOiIxOTAyOTU1MDQiLCJjYiI6IjE2OTIwODA0MDk4NzIxMTkzNTAiLCJhZER1cmF0aW9uIjotMSwiaWFzU2luZ2xldGFnIjp0cnVlLCJpYXNTaW5nbGV0YWdPdXRjb21lIjoiT1VUQ09NRV9NX19WQVNUX19PTUlEX19XRUJfUFhMIn0=&advEntityId=1434172&pubEntityId=70774489&ss_iris_id={{IRIS_ID}}&iris_id=[IRIS_ID]
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.107.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-107-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 06:20:10 GMT
Connection
keep-alive
Content-Length
35
Vary
Origin
Content-Type
image/gif
skeleton.gif
static.adsafeprotected.com/ Frame 3385
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/1434172/70774493/skeleton.gif?xmtp=v&xmapp=0&xsId=cb308c0b-204b-4bf8-b5ae-56b3356caf2b&bidurl=https://lihkg.com/thread/3470022/page/3&ias_campId=1013136622&...
  • https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=cb308c0b-204b-4bf8-b5ae-56b3356caf2b&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8_nI1slJg-9bETAWy...
43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=cb308c0b-204b-4bf8-b5ae-56b3356caf2b&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8_nI1slJg-9bETAWyUnMIndEBZ5MWw6fpTFeX9obfK0OGrQe85ivdqL962FbjRaFFLPpg-lm7DdtsnLSb1lEyY8kWCPYFsaNF7Rlc3Mz5do-M9GVb-o90pSMRBS9q4R9V8BdcbnnrcCw6dT1swLUdCbPPgl7fQ2S3GiapNEX8-Zo36RL-1NmrAwbGXjipf3kpEfQFM0YYUABs&sai=AMfl-YRSVf1LkOA-GbD4CZHFNAxZiORYnAm0_M_KeVBBGzFAFIXlIM2F953LdkGBlwTwXSPPNsYfTVuvLOsjnpXHBrIrVUJeFjwBpg9mTGBoDbHn0YUpUI7CVNE0EmCThKt7HiIygo1G2iKRxRLynG8g4j9fbA&sig=Cg0ArKJSzLIsgKn1aIJBEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&ias_xappb=&mon=70774493&redirectedRetries=0
Protocol
H2
Server
2600:9000:2304:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 01:30:24 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 92835d2f5794bba6bff3a83645bbf4c4.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
28529387
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
ABXJpn29zCC7UCOgqBTpEVUYRdRkGQdkSsWlGpS2z_AMoNgnc-Yhzw==

Redirect headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
server
nginx
x-server-name
app05.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=cb308c0b-204b-4bf8-b5ae-56b3356caf2b&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8_nI1slJg-9bETAWyUnMIndEBZ5MWw6fpTFeX9obfK0OGrQe85ivdqL962FbjRaFFLPpg-lm7DdtsnLSb1lEyY8kWCPYFsaNF7Rlc3Mz5do-M9GVb-o90pSMRBS9q4R9V8BdcbnnrcCw6dT1swLUdCbPPgl7fQ2S3GiapNEX8-Zo36RL-1NmrAwbGXjipf3kpEfQFM0YYUABs&sai=AMfl-YRSVf1LkOA-GbD4CZHFNAxZiORYnAm0_M_KeVBBGzFAFIXlIM2F953LdkGBlwTwXSPPNsYfTVuvLOsjnpXHBrIrVUJeFjwBpg9mTGBoDbHn0YUpUI7CVNE0EmCThKt7HiIygo1G2iKRxRLynG8g4j9fbA&sig=Cg0ArKJSzLIsgKn1aIJBEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&ias_xappb=&mon=70774493&redirectedRetries=0
cache-control
no-cache
content-length
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3385 		0
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNdEkuchWogVOC9zUXgGlU4PLLYpJ2Yr4EoDd7yH4AKwsyqbCLFNwChex6IQtyEbDcVtdTz80t3RVH8OcF7JDwPjp6VUHfP9FqxFRM4f9GUbNBgQEuSdpdii4Obg3fVYCtA4AqUX0qUvcBX1YX_kkiw1Tc14d9lx-L1311OvfkDeKmVgzzbAxvSa948GLbZVYtvdYBefNAHyBciV-OuE7palvXcnFU_7XQ4p7H-U4ae6PDOBEqVdC2HI0U0ZfFXkzkBBLSvf501OQjwukUFWpBGRXGPm1cndAYeYi2qDfHAbzECSdw-R2aWP54cI2bIlqZhxr_hQCVnf987qvEPBrrcj8ly5SwT7HUCKmB3-Vxfn9tVhTYyeJsrhmGCGCdFzZz1y2zuzRzbbAR9igc3uB8fOULpb3bJW6RXw_NGuIpOv8q2C-Qo3W17NemC054_rmlsN1uIgzoUfsvtCBrfYrBEG1Ow0HNZYTwAWpfjEcCRvLNckgTne-OKQKxpGbRBtk_Lqi6jUozbB78rYhtsxnXwTaVdEpNqMgT6D0NEBU9f6pdzHsUuDFioGxzVOL6izb6yZdhGswYOm8ZBiOCnXuOHqbB_ZM24hCUg5IG7wtet7bdXfiOnkGA_7DF6qwOc2ptcfFtern-VL6iFb0Zj3-jo8Z1iwpH8DI0I1o4Lh5sJ3Q8Hf9-egV5s1rJDtKfmmGFdTgRQnxHFsNS3h18zga3ohT8Z1IzWDd6E90093FAvN_KgRGIg2uIVwgCp-3DWPcEyzkXIUxlLTmm0fbU7miWp-Ffeyf8R6VohZKzsnVVzNLNdx2OVpslB5R0qhgDHF2coLNCC-WZFUnvYEMUD60v4gP0660VINHBYtVPMjK6p1NFiwMbXMkuhdX_eBOfGp0TzSAV4DHFDS2HJzGp555IYaAk59YejEaEY9yVJy6wjmtrfJtljldgLYBGQX4dnPV-tHwImlS6IRwAbYlgYIwzGo2RglkDniYkUjkjmlFb41CWNgnex5KdLliTygMgW8hY201P_E1xSr8ZKyyYB5QXtj_yEGWWVicfFw61ZYYEZQYWSXYGfYMCDrRRd0O0ezx2pj58GJthLd_XuZQ32WmR4P_aZ41tz8zmSG5WipND-RgJmjLblN2t-WC6adFazmx102TlD5Sh8TTYBEQAu-ZuRcF5UzMUA6kvcIeudzN4P4i4RLDlNsEY8e9Im1CK-ady0kaZjJdYI9UJoCk0bvYJ0K4ZDqg_Iau8LztUBUT3FqnTgstFZpjJKzb9AZ3_cwBqBF4pWur2fPpTitU4QCLJfqfr0wPXK3BG-_WHuvO16iR7-heI&sai=AMfl-YS45we_LYZIBAX3mfOF6nNHIycprDgnmvSKXAaYk3ItlcjmciHt5OQtibeRum8ytbQgZ_IOqczXlT4YGXC1Q71yWF0G6b5qNYMv4ax4eD4gWe95pMFpn1DPTMf6q1grlu6OUBpNfKd5kfns9yZyS1nGscXK1PzPBYeE4DV8oGYiKxl6MC7uAA53q-HUGunH1mh91BC9rLt1PX8-4p6P_0VOKHEO3r27Mp5kTupxIlV2oDzSm735W4D-OZroup6xLZ_R9W6CPQX7Z5hbEBr-1MslHKDt4kU&sig=Cg0ArKJSzHUwpSnDoxFuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 15 Aug 2023 06:20:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 3385
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIYg_HU5gEgATAB&v=APEucNVhiSXNEFBR27YmrtY0ibJmKSRad_TS0RpOsVz64ALgSdpmJ-djnNsj5UF0fkgP2CnVl5PRKbkPGrOV91qF8PnpODkhBQ
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAxNjk0ODExNDA2NzY2ODkzNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAxNjk0ODExNDA2NzY2ODkzNA%3D%3D
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
an-x-request-uuid
84565c45-e7e7-4d31-b561-a340301daa27
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAxNjk0ODExNDA2NzY2ODkzNA%3D%3D
x-proxy-origin
217.114.218.22; 217.114.218.22; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3385 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3385 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0x2X6nZTJv3x1jHfGX6Xik_A8mrZ4Jo7yvbvGg8vjULZ47W8WUtGCQW42Q-ujz2OKf7nV4FYSOMUQPiS5zCQy35lt6a77DllhM9NN43otFMONlWebpFnfWG5OUIvnIFo&sai=AMfl-YSulI6re8NBR5C83h1aD8chQrhVpY6eoSgvwa-akIGpVGFI4PF3E74d0p70DlFWBonDTXChCc0uiOjQJ0NAp6FVbVHMmJb7TcShRxIyivar0uHMRwXrrf-HOLKm&sig=Cg0ArKJSzCCXXheZGV8pEAE&cid=CAQSPABpAlJWsYKXkeLee26l99NnSWPbblckEKxb84wnMdv5_s2gvZUX_drgkxcmHF-d16LnyITMyzAsAouxSRgB&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D9%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D466637042%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1692080410424&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 3385 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CxZlrGBnbZK3sN4KA-wbd_6zAC5z7wM9xuJid9eoRv-iivcABEAEgxqWvPGCVgoCAsAfIAQWpAgk1wegDTrI-qAMByAObBKoEhwJP0BOIYBM9A9SrXuYpk1IKsxf1aeb5Q9_PbBvHlP9SAS8v2CwxQxbeenJOx95d-EOJKEClnzS8BIsTGdh8XtdbLZzvdC8QQ1-goU4f4wHP7sqzsKT6z6myEvRNED4Vlc-N2op00hYGMPhNhW07EgkJNRcg8JXAJeyaPbP0t6E6HMR4IfPo-Mg9dNFdDSALOrUcwi7xTfqgWPiADKNCdpOMGRJ2Y23RHwyZi0OU4pcmnbdPicivkP2nVIt7J2BK4lswQB7Iif8eDb9AnIEaQPi4JpITiTRUVs2bwYTlsOP-CK80HA5higIZWZvdFkV8f3CQSukuXl94uQ1tGGxWl2KM1Jdhd8GT_MAEq_f2wLAE4AQDkAYBoAZOgAfPv8FnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAgqBgoEw7CxAqoNAkRFyA0BsBOYwY0UyBPu-YzjA9ATANgTCogUBtgUAdAVAfgWAYAXAegXBQ&sigh=Poapph1FTZQ&label=vast_creativeview&ad_mt=10&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D9%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D466637042%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1692080410424
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 3385 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~llbwzkg7&c=5021897222359&slotId=2510948611179.5&qqid=CK3Y0d2C3oADFQLA3god3T8LuA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=749&mt=video%2Fmp4&vs=854x480&dm=15000&event_name=first_play&asset_bytes=196138&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=11&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vfl.176~vil.177~ff.17i~videopreviewstarted.17j
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1004::78 Fort Worth, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
frame.html
ad4m.at/ Frame 92CE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1444696
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7f6f54855c6539ec-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 15 Aug 2023 06:20:10 GMT
expires
Sun, 09 Jul 2023 00:24:59 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sghVMPmcx1d%2BDeri1CHaIwCSOJcbY7P5ikQSvU0hxT5cHkiBp0gIp1beQKKVdoJ0inePxC7eFBU1XFVjtAt9KbKBcEj%2F9dp0msIgT3n1OJuRCPNFRrBPxKYNPrLeWgyn5%2FyFJD0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f6f5485ac60904c-FRA
content-length
24
content-type
text/plain
date
Tue, 15 Aug 2023 06:20:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKRG7YBJZq5bTI16ojZ0%2BaiDQXF9RDSdAszfKjckHVuTV3Hywi0RHieQtKoQ2UcOBeq3TQA4ftw5uev9dQnKvBCX6o33Xc4lxzBy4YsQUUWXB4QNk7anVG%2FADLOvEltcImg%2BE8k%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-4jr5
rs
ad4m.at/ Frame 6229 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b330ef6566bd886ea1ccff75d9dce4a861dd1ef2ea119dd381379f64781a8c5

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4Q8DgJpIU2r6pj5dKo8vR0BGTPofUYN8tBjpz8g9z%2FsVF7eFfoAAa0B0d%2BvR05ciVxQA7tRQYwfPZggXIx1MFRD2z8LhbyueZV%2B6NwpwCInk3mFWSMwQjovPAGCyAO5K7h3u6I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7f6f5485fc94904c-FRA
x-backend-server
aa-reachservice-group-europe-west1-4jr5
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame E80D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15db290c2c34b3bcce6e3051a2dff1c43819b7722d33cba1b0d793b23caa58d6

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8DCH0jalr0aIS90P1h7O0zjfa46y%2BCjYy0mH3ceEwpIKspnkJS%2F2oKst3g7u%2FfHHCj%2Bl1Y6hR77zdw5iyFtPKYKyRVsl0gcO7sEkkQEbpm5xiiwZ%2FyXRlg4xaWPaLWlJMLaUOo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7f6f5485fc93904c-FRA
x-backend-server
aa-reachservice-group-europe-west1-4jr5
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f6f5485ac5f904c-FRA
content-length
24
content-type
text/plain
date
Tue, 15 Aug 2023 06:20:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0f%2FPWfCJYOdVfKbcPVLEF7cWtCLzmlhHPct3osRkmQwWC1%2FYzrI7obLAzqm9Sk4Hs3egT%2B5%2FfOlbAKHCixUB%2ByP4G23RrM1IA9wQGMcMd6zPhzLnGyDbcbMDixHa886sCmTka0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-4jr5
adview
googleads.g.doubleclick.net/pagead/ Frame DBDB 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CYZonGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3AFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i9_u-yZPWL5BgWAggTXgAJoA361V-cvBWb_aOwQTDqV_mtNS38dVgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTk4MzA0MjY3NDk3OTQ2MhiGuiQ&sigh=Nue9m3nAQeY&uach_m=[UACH]&cid=CAQSPABpAlJWYBXbqcVqG2w9ItHqv6R2AjGYsry77p1sscBOXkxXkN6-36TqB9rHIAoUXBWVAs8-SvDsLiXCbhgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409032&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409246&bpp=3&bdt=1359&idt=258&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=2348983626704&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=785304189&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31076837%2C31076876%2C44799579%2C44789816&oid=2&pvsid=4231817946788915&tmod=1468571350&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.zbkmca78uwj7&fsb=1&dtd=273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409032&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409246&bpp=3&bdt=1359&idt=258&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=2348983626704&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=785304189&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31076837%2C31076876%2C44799579%2C44789816&oid=2&pvsid=4231817946788915&tmod=1468571350&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.zbkmca78uwj7&fsb=1&dtd=273
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 15 Aug 2023 06:20:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame DBDB 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g9tg2wp60g0xpy7ebv864x2stsm2vyw87d4659htjm10hdxptpmry2yhtp9z5vdxmq4c6q16wv6fkgxrtajtd3bstd5b1jhqrwxm5xzknsmvkh1xhzj9rfexxyhnvvtpsb21mvf5ww8ehy7nfqz0kb6bfj20esh1xvnczynfh7zeg95qyc6exbmagnj166xafdnfzw63zxprn16psbv781p2rby4jnqjajsxawfvx2nqmjnha1ntmnqbt86j81r6073jzd9bsezz6yq2fq7qscpfw6nrg6b0zyd85jt0wa2f9wx1rmacgt16nsgxshed2gevjp2afhv486wrkxeptk0krqkh21a4ym9kb8h2aej24wg8hna6wm6snjf2ssae62a3ac7j9j98h7j&b=ZNsZGQAJZc0D58MsAARZxwVXjs4bS933uPBURg&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1692080409032&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692080409246&bpp=3&bdt=1359&idt=258&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&cookie=ID%3Da4486df6b4b743d3-22dd0d1051de0024%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ&gpic=UID%3D00000c6091fc3334%3AT%3D1692080408%3ART%3D1692080408%3AS%3DALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA&correlator=2348983626704&frm=24&ife=1&pv=2&ga_vid=433030508.1692080408&ga_sid=1692080410&ga_hid=785304189&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31076837%2C31076876%2C44799579%2C44789816&oid=2&pvsid=4231817946788915&tmod=1468571350&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.zbkmca78uwj7&fsb=1&dtd=273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 15 Aug 2023 06:20:10 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame D481 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BxfALGRnbZIDmIai6kdUPpsa8kAUAAAAAOAHgBAI&bg=!2tml2Y3NAAaiGN5Pghg7ADkAdvg8Whf-1BbDywJJVMC9gVKto1nFOsO25DK6ZJ6_lJFjQkbK0SjrdYvK8Fckslv4FcIID88QLvACAAAA71IAAAAGaAEHmQMPt4FJZvH0bMEJI4Pjeq04G_vn1nJ2-fwAtQVe9t71l077WBgaqkqxkDztX_NxXVLksM3PX12UEQLiubPaKg6txV7y7xcbovH8jjQSoLuWuBLcwLHPBxb_Dncv8EDY7kGmclx9l9rifVTdqF9lbpDZ69u_7X5C01zAr5IHCS-ATzFkxiCHXlEXekcLK8hRY4JxvSJ-bSV6DZ9pvanPOeZqFgvqdpkGo05GyVp1VOEOxUf0sn_VzwwhY_50Hgr2T5aLhZ8a9WbrBRjBFoxk8BNAmczTdbs0L653Y8YLNgJ8gvoKqPZE1ry9k4fXxx1dT9-6av9qf3_PdlxArc1nwyGWfzNyxvu3SZ-uVITGUL7pK7TyTBxJAbNjD7-bUj2ori6Ej3AnGjqphWVe6pm-u2hkWpr9C1CPZATDSSJWPY04K_kUEUdE1y6E1cK55e4XVyVD0wo1yeyBLKu8zYUuxnIWzMeud-pZA3hrj41v9vIg3JIbEnkz84evRV2JI3dniOFwOBSe1WqMWAxz8P01q1a0FUe47ARsqWFBG-o2_HwJsAnZEURx-A40r68FDq94jprGqjiBKETHXNhO5zy8SYklJ3QPDBRigVKNUqR_gkOEajwBGLke2KAEZlJUVUsKGApekEKskgJ8ORjFb7EIoLChseSkh8Zmyn34moPT3qsNOhgURWp5BbrqY12uQIH5lzjNUvGb4_ZxMa90QaoTvzEoW-8lnTB-0eY3XlERb4DaWiOQIZH5tVGfxJAye3mKUUEFm4OlGSGg9WCbpVah_Ud_7zSm3CSDqHEUUfvFO4b5IToRgDfuf4mhHDoIx82MJhvSbh5M7YRsN7PJKPftv9ckUL88L5pz-3nK6S1wVoj-C2pFRUJWg_tsLJNlUCRvw_MndJI5Yzl5VoPKtnHPYUh3LATyGRVNEX-QfqawCgbXCrw75a9E6DRyDsP3tgN28OEWlwwB5yBsWnVHDuiYrIEauJfS3JfZ2Pmaj1j7OpMHce0Izp6Ka03cRhy6c5l1T7t7o8lYt0RHyzyh-sMjzie6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rs
ad4m.at/ Frame E036 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94a93caa514072567df7855b7eb0bfb2a823c5a75793cdd5f44d1c7527c90bf1

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEYmzOVt7cTpTL50vIwmK4kAUH0fxeARXSzdXx03k1lywZDQg0L1SjoTwfc9%2Bl%2Bav%2Be4K72aoAxWT2KEUz8n8mwv0x7rBoIFNVIY%2FquglL0ANGGLXnpPwFJz3GpIvYOF%2BS1CD%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7f6f54861cba904c-FRA
x-backend-server
aa-reachservice-group-europe-west1-4jr5
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f6f5485dc7c904c-FRA
content-length
24
content-type
text/plain
date
Tue, 15 Aug 2023 06:20:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LD9Jsx4vtZG3N60PNXoNOldxce%2B4HoBFGpZQ%2B%2FmMCh9aHuH2Ufn0GL7CRJA57izdKlFRUCRbmDVm4jgpjTpdDr7r7vOLaEv%2BB2EKLbfhsxg1mnK%2FSB9Wwp%2FMkAlpTPdrKrmvoCo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-4jr5
rar
as.ad4m.at/ad/ Frame 3686 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=175059%2C22925%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfwP3sVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=7d81e3ce49585635a6483b04b8953953%2F5092173492639382676&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g74t3dmf0w9v3shzwx6hfyjn7ajtw109j70qck4z4et03hb4x6s2wbnn8aw4nktc9aw5qkjq2gyn1sw9bbakh0p785qhed2sg99apbq6sneqvna6355fcpm9m4cqtj33ch66yp3e3vmbf3we1kd100r2jtxxy9c401bgbr0sbndd1drj84yncs7j6cc5m3tfc4xs6yy6twdfmxp6875r0r2k8xm0txvvj3m4phsq11qyqvk6kbzc8n80sfa7sfsvbfprzryxvhh64452bzz21vjmw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2ca984784ebbdb2fe7f2f5a62c85ee5067ea5116cc1b8a8f4a30f1c202ae7c6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1htjqrwxw9k807gx34pt403mvj0znq5fxw3s06j20j0myq312s1wc23d6dpskreaefexn5bg7n4k9xf8dbem00c203q1de84y2rza5tg0yckahcczsesfaa74mmnz8bdwmedn1yg2vacfnm0p6vms8tche0rb1bykp4gjkvcy2xm6dy4422fjdvwg9c3a8hhnb968h5at0bjkj6hd73bav38j5h0d1vm91frcjwr9vbt6rcthj9ypz9peawfzj8md2vp8eattspg1eat34xwpvnwamd5q68wef96fhfph7es9x2wveks7a3mw4kyqnpqwzqahp9v2a69wzhmt2mmvxp18b1q3gtp1b8svtwdawpycp5m8q43pn23t0bavn54t56v2zn54vf428ktmse1dh7rtrc5jq04rw07rry1rn7m6was0z60q3754e7ech6rqn5aa3h6jwng&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%26client%3Dca-pub-1983042674979462%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f6f54864d5739ec-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 06:20:10 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame BE98 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=5839870e34d254e5f21845ad7749c4f8%2F15423261383198278964&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3vd6acadt1v45qxa5fxx1p0wkmwap385e9x57e1ts7a414mtybwav5h3a2bj1at0gbj4zh6z3r36k9sjadza6nagvhp1014a38wjysd3m5wvk3cf96ag2ynxt238t35ey405kzdpq7kcbxf8nf4qgs7sdb14b6e17zc7x33k7hk6j4sfc0dde4jejj6gsdxbs5dx5mzshprk8t67fdz3h6d86da5brrpbfhvns2y0d2s36pndes6z4aw63ftm87h7hhywhae177yzsb6z834fv7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bc094f48a8c491946e3754c6803139a8ff01593be9c9e84251d98654e95fef9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jnca8ctc1mh5rhgj2nf3dg5yvqx0qydgqsdvg5ka4n4ywqygef0nx1dgzxqjacnv5ez8jvz7xemvsd6n7zq8tgahted2vnwjvwje4yh18qtgd3s60zygzspde5n1t58g4hjratney7pttmjdrxwmt3gfye3j5dwq7g9xdzfd4zp76cdtrxyxvnxezxmhxa09dd67dpkd468w684dfmgxmjvk5m4m7vghnae3t4qjm7kxf39r2ydm8yavpv545n65ymx5dbnfd9hr2vcck8pjatdh5yfdhnxc80kye8ydpaw435kqs878027zj4c4cbxw980nav5t4g7yqzf1bef5jcvg0ds1wtd318kr7h9t3vq39mgrf1pny47s5aafxvj9awq2xkjn5s287vem00d6t9mx34jynj64kaarcs53qf1jq7jet6evadhrzjbjw8jdcw7599691p0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%26client%3Dca-pub-1983042674979462%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f6f54864d5c39ec-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 06:20:10 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 4AFB 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=6a045a7050e1b74ba1d82576e31e9227%2F11710773295525951317&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410569&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5b3s7g4bkv9g2cgnj4wyapz86344fr6dj0t4ywgr1ttra0fj6xattsv4zsy0edjw2m61pdmcak89vw0vnzwtf5f13gyq20qk76kqbvx57jer5e6mn374pffs4kqsejxak0s8a06z6swcybyrnh65p23hhmk3065s64gyfejh1fm7w5r2ag4s0s3zmwg7vh95fgwef0y2v7v9q86zjp62s1c2j6bmrzfnmt12sbq7xj9gc8f6eqytf1khvbwzfx85gvyq250enjde5tpdhmw9ng6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2039944be0e252c2d037fb29c2462909349fdaac58e41eda640346c96610db63
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jw12j2kg98x3tssb7dcjv6r45kx35yxehkn793cf7dxv691dtxp7gpacs9mxew8aemk6t5zrctd3h80cyew9x6r2skbtx9veyf6qmrh4kk5sjcxc0436kjcce0157jt3s5sdnc3hxtr7n4632gq1985vwzr1wq7e0n0tfkpz0ppwvygrb52jwkkach20dqb80djqy8b7xks29s7fn6shwpe66gta3xe3e0ny8chhrtb6v8b6448p4skagmjrh6b6qswnexbm2tgcsqe8ckz0j537q1fth7sbn07nd2x6jx7arhc7ec4b84cycrctyt9c4132d20wd9431pyt07agn2gdanmecs47pc9grswk5xxv873016kzet2pyffca4877hkdr2vqjhrphp87fn4y6p78zp4r717r1anpxtz1vzwr0ehc07zwmbz0f44mtfmk4n87zanqe20&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%26client%3Dca-pub-1983042674979462%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f6f54866d9139ec-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 06:20:10 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 3686 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C22925%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfwP3sVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=7d81e3ce49585635a6483b04b8953953%2F5092173492639382676&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g74t3dmf0w9v3shzwx6hfyjn7ajtw109j70qck4z4et03hb4x6s2wbnn8aw4nktc9aw5qkjq2gyn1sw9bbakh0p785qhed2sg99apbq6sneqvna6355fcpm9m4cqtj33ch66yp3e3vmbf3we1kd100r2jtxxy9c401bgbr0sbndd1drj84yncs7j6cc5m3tfc4xs6yy6twdfmxp6875r0r2k8xm0txvvj3m4phsq11qyqvk6kbzc8n80sfa7sfsvbfprzryxvhh64452bzz21vjmw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=175059%2C22925%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfwP3sVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=7d81e3ce49585635a6483b04b8953953%2F5092173492639382676&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g74t3dmf0w9v3shzwx6hfyjn7ajtw109j70qck4z4et03hb4x6s2wbnn8aw4nktc9aw5qkjq2gyn1sw9bbakh0p785qhed2sg99apbq6sneqvna6355fcpm9m4cqtj33ch66yp3e3vmbf3we1kd100r2jtxxy9c401bgbr0sbndd1drj84yncs7j6cc5m3tfc4xs6yy6twdfmxp6875r0r2k8xm0txvvj3m4phsq11qyqvk6kbzc8n80sfa7sfsvbfprzryxvhh64452bzz21vjmw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
500821
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKQS9fshyK4sgNs%2BaVhUiV7mFSGGjTOBMZb5InDuo9fstd1Fvg6oJ32z5nixuTo0s5LQY7pUsDCZRfF%2BXv4lYHxH9TsOd3oOVW5uzUpGwy8zKCH8fDA7icp%2BKuWk%2BVvrLlHZFT5QxrA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7f6f54868db139ec-FRA
expires
Tue, 15 Aug 2023 07:20:10 GMT
807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
assets.ad4m.at/logo/ Frame 3686 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C22925%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfwP3sVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=7d81e3ce49585635a6483b04b8953953%2F5092173492639382676&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g74t3dmf0w9v3shzwx6hfyjn7ajtw109j70qck4z4et03hb4x6s2wbnn8aw4nktc9aw5qkjq2gyn1sw9bbakh0p785qhed2sg99apbq6sneqvna6355fcpm9m4cqtj33ch66yp3e3vmbf3we1kd100r2jtxxy9c401bgbr0sbndd1drj84yncs7j6cc5m3tfc4xs6yy6twdfmxp6875r0r2k8xm0txvvj3m4phsq11qyqvk6kbzc8n80sfa7sfsvbfprzryxvhh64452bzz21vjmw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1879590
cf-polished
origFmt=png, origSize=11357
alt-svc
h3=":443"; ma=86400
content-length
5848
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Jun 2023 08:41:46 GMT
server
cloudflare
etag
"ccfbd2e3feb27487a1f6d1f6b03866aa"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKIdVwzClRVgn5Yy%2Fw5bZOGT0Jr4oN28HGOdu0b9rLqfWjAIIZU8Zc9B1DiMOqylKSQHcEZT%2FhqUuNRqDdNgZjiVjJFdJwTjblTOj70JFFZuym4QmDPaLqWbnoQvSUIayXvwSCFLHshpbK%2Fd"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f6f54869a5e2c56-FRA
expires
Wed, 16 Aug 2023 06:20:10 GMT
2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
assets.ad4m.at/ Frame 3686 		183 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C22925%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfwP3sVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=7d81e3ce49585635a6483b04b8953953%2F5092173492639382676&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g74t3dmf0w9v3shzwx6hfyjn7ajtw109j70qck4z4et03hb4x6s2wbnn8aw4nktc9aw5qkjq2gyn1sw9bbakh0p785qhed2sg99apbq6sneqvna6355fcpm9m4cqtj33ch66yp3e3vmbf3we1kd100r2jtxxy9c401bgbr0sbndd1drj84yncs7j6cc5m3tfc4xs6yy6twdfmxp6875r0r2k8xm0txvvj3m4phsq11qyqvk6kbzc8n80sfa7sfsvbfprzryxvhh64452bzz21vjmw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1879590
cf-polished
origFmt=png, origSize=289744
alt-svc
h3=":443"; ma=86400
content-length
187558
cf-bgj
imgq:85,h2pri
last-modified
Fri, 23 Jun 2023 11:11:49 GMT
server
cloudflare
etag
"17decb4f4cab809ec8159433a7f13627"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNs%2Fr%2BoZDWWPNuC9vsYwwNLZxkgnV17980yt8ZvDRjfDFgqn%2FqcF%2BJu3YWFlObYEizL3pTvKFjAlv1FVhLrIpKu8K9CeRH7FQVbXmOJYOn0vFC1rceR5PWHAhTPe0TuwbTcjO4SyZclE84RU"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f6f54869a592c56-FRA
expires
Wed, 16 Aug 2023 06:20:10 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 3686 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C22925%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfwP3sVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=7d81e3ce49585635a6483b04b8953953%2F5092173492639382676&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g74t3dmf0w9v3shzwx6hfyjn7ajtw109j70qck4z4et03hb4x6s2wbnn8aw4nktc9aw5qkjq2gyn1sw9bbakh0p785qhed2sg99apbq6sneqvna6355fcpm9m4cqtj33ch66yp3e3vmbf3we1kd100r2jtxxy9c401bgbr0sbndd1drj84yncs7j6cc5m3tfc4xs6yy6twdfmxp6875r0r2k8xm0txvvj3m4phsq11qyqvk6kbzc8n80sfa7sfsvbfprzryxvhh64452bzz21vjmw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1085150
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgFsI9DK%2BCDvSVEs6pqO%2BkG36RIhxLbLBx1NpPySwExqTNycPJDzYFzrXUMORN%2FzI%2F6OtVFBX3isymVy04tscmitlOdK8D8Jl2TNJYdHSTTLFise%2FZhQsKZ7B8UksKkOoKsGlQKhI2eNSNv%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f6f54869a602c56-FRA
expires
Wed, 16 Aug 2023 06:20:10 GMT
6486455729BD96BDB8E481E3F0AFB23C855E4C9DE0A632584D1F8D6C5F1005300BBB8C5B4E62E496B41D404576EFD68869DA14CD92C2EDFC6AAE9F735B87038D
assets.ad4m.at/product_image/ Frame 3686 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/6486455729BD96BDB8E481E3F0AFB23C855E4C9DE0A632584D1F8D6C5F1005300BBB8C5B4E62E496B41D404576EFD68869DA14CD92C2EDFC6AAE9F735B87038D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C22925%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfwP3sVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=7d81e3ce49585635a6483b04b8953953%2F5092173492639382676&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g74t3dmf0w9v3shzwx6hfyjn7ajtw109j70qck4z4et03hb4x6s2wbnn8aw4nktc9aw5qkjq2gyn1sw9bbakh0p785qhed2sg99apbq6sneqvna6355fcpm9m4cqtj33ch66yp3e3vmbf3we1kd100r2jtxxy9c401bgbr0sbndd1drj84yncs7j6cc5m3tfc4xs6yy6twdfmxp6875r0r2k8xm0txvvj3m4phsq11qyqvk6kbzc8n80sfa7sfsvbfprzryxvhh64452bzz21vjmw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88c4ce8d34a9daa60952a5e3c77f6a430e87ef15ad67d03105131dcdeb04131d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
288101
cf-polished
qual=85, origFmt=jpeg, origSize=29501
alt-svc
h3=":443"; ma=86400
content-length
15016
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Apr 2020 13:24:35 GMT
server
cloudflare
etag
"2ea521e9d32f25981bf850882042e821"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TizBEV6OvUG4y1ovP3rmchyueQwDocoLwR4nfGYvWbZernoJBU30miSr6wVqJL3l6vjePSnoQ0g%2FF7WkIJ6ZRrS6X6gnZMa%2BSMicRTvnd58IwMICzJmc4YZrFop44A6I4XdNDngBcovJKxY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f6f54869a5f2c56-FRA
expires
Wed, 16 Aug 2023 06:20:10 GMT
/
partner.o2online.de/a/ Frame 3686
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIu4wN6C3oADFZSQ_Qcd2qMESg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023081508201087907091825X117679V1226132702MSviewoneidQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7boneid__suite...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023081508201087907091825X117679V1226132702MSviewoneidQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023081508201087907091825X117679V1226132702MSviewoneidQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C22925%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfwP3sVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=7d81e3ce49585635a6483b04b8953953%2F5092173492639382676&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g74t3dmf0w9v3shzwx6hfyjn7ajtw109j70qck4z4et03hb4x6s2wbnn8aw4nktc9aw5qkjq2gyn1sw9bbakh0p785qhed2sg99apbq6sneqvna6355fcpm9m4cqtj33ch66yp3e3vmbf3we1kd100r2jtxxy9c401bgbr0sbndd1drj84yncs7j6cc5m3tfc4xs6yy6twdfmxp6875r0r2k8xm0txvvj3m4phsq11qyqvk6kbzc8n80sfa7sfsvbfprzryxvhh64452bzz21vjmw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 06:20:11 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023081508201087907091825X117679V1226132702MSviewoneidQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023081508201087907091825X117679V1226132702MSviewoneidQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
date
Tue, 15 Aug 2023 06:20:10 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 3686 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C22925%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfwP3sVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=7d81e3ce49585635a6483b04b8953953%2F5092173492639382676&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g74t3dmf0w9v3shzwx6hfyjn7ajtw109j70qck4z4et03hb4x6s2wbnn8aw4nktc9aw5qkjq2gyn1sw9bbakh0p785qhed2sg99apbq6sneqvna6355fcpm9m4cqtj33ch66yp3e3vmbf3we1kd100r2jtxxy9c401bgbr0sbndd1drj84yncs7j6cc5m3tfc4xs6yy6twdfmxp6875r0r2k8xm0txvvj3m4phsq11qyqvk6kbzc8n80sfa7sfsvbfprzryxvhh64452bzz21vjmw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
532778
cf-polished
origFmt=png, origSize=62828
alt-svc
h3=":443"; ma=86400
content-length
36446
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Oct 2022 15:02:47 GMT
server
cloudflare
etag
"e12c1a9f1887c09d377658838eaaa06d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJYkrXdWK4csAzIgZF96hKXGVSJX%2BwuE3bcSTzuof7e6O%2FsH27jwNfasyea4mO2srm%2FhYaZGgjISctA289WIDpIxB0zpjuiDDkuguzbfTOFtW8sJ2j0fN%2BMiWso8KIMFTkpVfVco%2BJydK%2BO7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f6f54869a5c2c56-FRA
expires
Wed, 16 Aug 2023 06:20:10 GMT
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 3686 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C22925%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfwP3sVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=7d81e3ce49585635a6483b04b8953953%2F5092173492639382676&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g74t3dmf0w9v3shzwx6hfyjn7ajtw109j70qck4z4et03hb4x6s2wbnn8aw4nktc9aw5qkjq2gyn1sw9bbakh0p785qhed2sg99apbq6sneqvna6355fcpm9m4cqtj33ch66yp3e3vmbf3we1kd100r2jtxxy9c401bgbr0sbndd1drj84yncs7j6cc5m3tfc4xs6yy6twdfmxp6875r0r2k8xm0txvvj3m4phsq11qyqvk6kbzc8n80sfa7sfsvbfprzryxvhh64452bzz21vjmw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1087699
cf-polished
degrade=85, origSize=133780, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
38661
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvtCb0P9zdC6yyXvVAnikrU4sL2kdHwnuWIsmgANFFrrkx58yfK72LY%2BWxXs0GKkBYZwOyGzYS5rD6Cy%2Fc3CzklOC81H2tGmsh3YQNEwro4Q8ynL240OQxnissuMz5ecngucFptY%2Ffz8xPTq"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f6f54869a5b2c56-FRA
expires
Wed, 16 Aug 2023 06:20:10 GMT
cshow.php
www.awin1.com/ Frame 3686 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C22925%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfwP3sVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=7d81e3ce49585635a6483b04b8953953%2F5092173492639382676&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g74t3dmf0w9v3shzwx6hfyjn7ajtw109j70qck4z4et03hb4x6s2wbnn8aw4nktc9aw5qkjq2gyn1sw9bbakh0p785qhed2sg99apbq6sneqvna6355fcpm9m4cqtj33ch66yp3e3vmbf3we1kd100r2jtxxy9c401bgbr0sbndd1drj84yncs7j6cc5m3tfc4xs6yy6twdfmxp6875r0r2k8xm0txvvj3m4phsq11qyqvk6kbzc8n80sfa7sfsvbfprzryxvhh64452bzz21vjmw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Aug 2023 06:20:10 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame BE98 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=5839870e34d254e5f21845ad7749c4f8%2F15423261383198278964&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3vd6acadt1v45qxa5fxx1p0wkmwap385e9x57e1ts7a414mtybwav5h3a2bj1at0gbj4zh6z3r36k9sjadza6nagvhp1014a38wjysd3m5wvk3cf96ag2ynxt238t35ey405kzdpq7kcbxf8nf4qgs7sdb14b6e17zc7x33k7hk6j4sfc0dde4jejj6gsdxbs5dx5mzshprk8t67fdz3h6d86da5brrpbfhvns2y0d2s36pndes6z4aw63ftm87h7hhywhae177yzsb6z834fv7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=5839870e34d254e5f21845ad7749c4f8%2F15423261383198278964&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3vd6acadt1v45qxa5fxx1p0wkmwap385e9x57e1ts7a414mtybwav5h3a2bj1at0gbj4zh6z3r36k9sjadza6nagvhp1014a38wjysd3m5wvk3cf96ag2ynxt238t35ey405kzdpq7kcbxf8nf4qgs7sdb14b6e17zc7x33k7hk6j4sfc0dde4jejj6gsdxbs5dx5mzshprk8t67fdz3h6d86da5brrpbfhvns2y0d2s36pndes6z4aw63ftm87h7hhywhae177yzsb6z834fv7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
500821
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUyuj8IRKws9LS%2F1uJAdiu38eMb%2FEJcrHjF0AH438FRQ%2B2YTu348b1SjWsoP%2Fm7vwO9KL%2BAodS9fhEZr4hvF6JLgwfmQtJfkpBZZgOhflgd5xkjz3TMLJtBAlvLhquQFlKBM3wmJIPI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7f6f54869dbd39ec-FRA
expires
Tue, 15 Aug 2023 07:20:10 GMT
807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
assets.ad4m.at/logo/ Frame BE98 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=5839870e34d254e5f21845ad7749c4f8%2F15423261383198278964&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3vd6acadt1v45qxa5fxx1p0wkmwap385e9x57e1ts7a414mtybwav5h3a2bj1at0gbj4zh6z3r36k9sjadza6nagvhp1014a38wjysd3m5wvk3cf96ag2ynxt238t35ey405kzdpq7kcbxf8nf4qgs7sdb14b6e17zc7x33k7hk6j4sfc0dde4jejj6gsdxbs5dx5mzshprk8t67fdz3h6d86da5brrpbfhvns2y0d2s36pndes6z4aw63ftm87h7hhywhae177yzsb6z834fv7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1879590
cf-polished
origFmt=png, origSize=11357
alt-svc
h3=":443"; ma=86400
content-length
5848
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Jun 2023 08:41:46 GMT
server
cloudflare
etag
"ccfbd2e3feb27487a1f6d1f6b03866aa"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjSNZJ%2BIbhtu4eFQuQfL0e9YG8BgN%2Fw7FkuALwORxPRc3XUM8UtV7frvdAZQiggzHjwLLY7LC60lAqs11C66%2FpYBMPfWHynSSn6w0Qd0sSP4D76QgozHggWkjDQBPQYhI7x4E1mdBe3mjNmW"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f6f54869a622c56-FRA
expires
Wed, 16 Aug 2023 06:20:10 GMT
2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
assets.ad4m.at/ Frame BE98 		183 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=5839870e34d254e5f21845ad7749c4f8%2F15423261383198278964&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3vd6acadt1v45qxa5fxx1p0wkmwap385e9x57e1ts7a414mtybwav5h3a2bj1at0gbj4zh6z3r36k9sjadza6nagvhp1014a38wjysd3m5wvk3cf96ag2ynxt238t35ey405kzdpq7kcbxf8nf4qgs7sdb14b6e17zc7x33k7hk6j4sfc0dde4jejj6gsdxbs5dx5mzshprk8t67fdz3h6d86da5brrpbfhvns2y0d2s36pndes6z4aw63ftm87h7hhywhae177yzsb6z834fv7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1879590
cf-polished
origFmt=png, origSize=289744
alt-svc
h3=":443"; ma=86400
content-length
187558
cf-bgj
imgq:85,h2pri
last-modified
Fri, 23 Jun 2023 11:11:49 GMT
server
cloudflare
etag
"17decb4f4cab809ec8159433a7f13627"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzpxVbjGLo8K8KKDIjdfYQ9aaEYsJ1GWujo%2FMK8m9jJai8HoZ3f%2BI%2BRes%2BGVXQH6qxF3T7mpy0IipMACtyYdkVW%2F%2BP%2B2bVBsnpX5rj8zLXhJOuIqDSJ9UlXl180IR%2Fv3HQFMPi3FCni%2B23h5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f6f54869a642c56-FRA
expires
Wed, 16 Aug 2023 06:20:10 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame BE98 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=5839870e34d254e5f21845ad7749c4f8%2F15423261383198278964&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3vd6acadt1v45qxa5fxx1p0wkmwap385e9x57e1ts7a414mtybwav5h3a2bj1at0gbj4zh6z3r36k9sjadza6nagvhp1014a38wjysd3m5wvk3cf96ag2ynxt238t35ey405kzdpq7kcbxf8nf4qgs7sdb14b6e17zc7x33k7hk6j4sfc0dde4jejj6gsdxbs5dx5mzshprk8t67fdz3h6d86da5brrpbfhvns2y0d2s36pndes6z4aw63ftm87h7hhywhae177yzsb6z834fv7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1085150
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ys5FkDas5pxZ1wZFzhNm%2BnsxmYYXd%2F4PmHLuRGsbtMA5ULP9yV86AjYiIoVrNitCc%2B9sRIGnE97EBWyURkTIBUUdyFnClAnVAS8quUzbfSt9VU1UGoCoBdGbqBGcxgUFN06J8dLjSnLOqeZ4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f6f54869a662c56-FRA
expires
Wed, 16 Aug 2023 06:20:10 GMT
0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame BE98 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=5839870e34d254e5f21845ad7749c4f8%2F15423261383198278964&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3vd6acadt1v45qxa5fxx1p0wkmwap385e9x57e1ts7a414mtybwav5h3a2bj1at0gbj4zh6z3r36k9sjadza6nagvhp1014a38wjysd3m5wvk3cf96ag2ynxt238t35ey405kzdpq7kcbxf8nf4qgs7sdb14b6e17zc7x33k7hk6j4sfc0dde4jejj6gsdxbs5dx5mzshprk8t67fdz3h6d86da5brrpbfhvns2y0d2s36pndes6z4aw63ftm87h7hhywhae177yzsb6z834fv7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1843145
cf-polished
qual=85, origFmt=jpeg, origSize=60344
alt-svc
h3=":443"; ma=86400
content-length
22974
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Mar 2023 22:26:34 GMT
server
cloudflare
etag
"06609266defcd14ec685b2464aeced2e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBhq%2FZDgqcRIZaB2Wq%2FADHJf3LIdKP8q5GvaTnb2Js%2F4158XyZ08LJYKi%2B0KA2fcHZGZMlV%2BAoZcxBG8S4weQ1%2FK95mK1F44W95KYBizIrXaaHUfdnhI1CbOAF5KhBHAOQDn4DWwY%2BULgnxc"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f6f54869a682c56-FRA
expires
Wed, 16 Aug 2023 06:20:10 GMT
/
partner.o2online.de/a/ Frame BE98
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COi5wN6C3oADFSfKuwgdHdcE_g;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023081508201087907091821X117703V1226132702MSviewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suit...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023081508201087907091821X117703V1226132702MSviewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023081508201087907091821X117703V1226132702MSviewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117703&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=5839870e34d254e5f21845ad7749c4f8%2F15423261383198278964&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3vd6acadt1v45qxa5fxx1p0wkmwap385e9x57e1ts7a414mtybwav5h3a2bj1at0gbj4zh6z3r36k9sjadza6nagvhp1014a38wjysd3m5wvk3cf96ag2ynxt238t35ey405kzdpq7kcbxf8nf4qgs7sdb14b6e17zc7x33k7hk6j4sfc0dde4jejj6gsdxbs5dx5mzshprk8t67fdz3h6d86da5brrpbfhvns2y0d2s36pndes6z4aw63ftm87h7hhywhae177yzsb6z834fv7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 06:20:11 GMT
X-NODEIP
46.4.62.19
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023081508201087907091821X117703V1226132702MSviewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023081508201087907091821X117703V1226132702MSviewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117703&partnerid=12218
date
Tue, 15 Aug 2023 06:20:10 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame BE98 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=5839870e34d254e5f21845ad7749c4f8%2F15423261383198278964&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3vd6acadt1v45qxa5fxx1p0wkmwap385e9x57e1ts7a414mtybwav5h3a2bj1at0gbj4zh6z3r36k9sjadza6nagvhp1014a38wjysd3m5wvk3cf96ag2ynxt238t35ey405kzdpq7kcbxf8nf4qgs7sdb14b6e17zc7x33k7hk6j4sfc0dde4jejj6gsdxbs5dx5mzshprk8t67fdz3h6d86da5brrpbfhvns2y0d2s36pndes6z4aw63ftm87h7hhywhae177yzsb6z834fv7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
532778
cf-polished
origFmt=png, origSize=62828
alt-svc
h3=":443"; ma=86400
content-length
36446
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Oct 2022 15:02:47 GMT
server
cloudflare
etag
"e12c1a9f1887c09d377658838eaaa06d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LH0EmVDsQIjuSEJPaW3ieNVYg%2B%2Fflcfv6tmCnLeMx%2BmsBGsZtJveIiqBL7Mb8n0vVzq2irZ71CZuRZsQK0TJ9pPtREsxtNP%2BF0JNl%2BSX%2FY3G6hB4KTqdfN2y2FKGoP2ZTQxuPCOZ7wEjXQa"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f6f5486ba872c56-FRA
expires
Wed, 16 Aug 2023 06:20:10 GMT
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame BE98 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=5839870e34d254e5f21845ad7749c4f8%2F15423261383198278964&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3vd6acadt1v45qxa5fxx1p0wkmwap385e9x57e1ts7a414mtybwav5h3a2bj1at0gbj4zh6z3r36k9sjadza6nagvhp1014a38wjysd3m5wvk3cf96ag2ynxt238t35ey405kzdpq7kcbxf8nf4qgs7sdb14b6e17zc7x33k7hk6j4sfc0dde4jejj6gsdxbs5dx5mzshprk8t67fdz3h6d86da5brrpbfhvns2y0d2s36pndes6z4aw63ftm87h7hhywhae177yzsb6z834fv7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1087699
cf-polished
degrade=85, origSize=133780, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
38661
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAP7Jqsq10ZNneVDA%2FhZnLVKTJeId0LF8ns0PK4OjWKQL4MX4mhI9EOkUYff3HXwop8z53CVZy5Ny6UysDeqLmiDGhI006DWP99LW0Iu%2BKT%2Fu1j2B8ifvZn4EYdg8oQm7hs2BOUXTclMJSov"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f6f5486ba882c56-FRA
expires
Wed, 16 Aug 2023 06:20:10 GMT
cshow.php
www.awin1.com/ Frame BE98 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=5839870e34d254e5f21845ad7749c4f8%2F15423261383198278964&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3vd6acadt1v45qxa5fxx1p0wkmwap385e9x57e1ts7a414mtybwav5h3a2bj1at0gbj4zh6z3r36k9sjadza6nagvhp1014a38wjysd3m5wvk3cf96ag2ynxt238t35ey405kzdpq7kcbxf8nf4qgs7sdb14b6e17zc7x33k7hk6j4sfc0dde4jejj6gsdxbs5dx5mzshprk8t67fdz3h6d86da5brrpbfhvns2y0d2s36pndes6z4aw63ftm87h7hhywhae177yzsb6z834fv7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Aug 2023 06:20:10 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 4AFB 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=6a045a7050e1b74ba1d82576e31e9227%2F11710773295525951317&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410569&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5b3s7g4bkv9g2cgnj4wyapz86344fr6dj0t4ywgr1ttra0fj6xattsv4zsy0edjw2m61pdmcak89vw0vnzwtf5f13gyq20qk76kqbvx57jer5e6mn374pffs4kqsejxak0s8a06z6swcybyrnh65p23hhmk3065s64gyfejh1fm7w5r2ag4s0s3zmwg7vh95fgwef0y2v7v9q86zjp62s1c2j6bmrzfnmt12sbq7xj9gc8f6eqytf1khvbwzfx85gvyq250enjde5tpdhmw9ng6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=6a045a7050e1b74ba1d82576e31e9227%2F11710773295525951317&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410569&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5b3s7g4bkv9g2cgnj4wyapz86344fr6dj0t4ywgr1ttra0fj6xattsv4zsy0edjw2m61pdmcak89vw0vnzwtf5f13gyq20qk76kqbvx57jer5e6mn374pffs4kqsejxak0s8a06z6swcybyrnh65p23hhmk3065s64gyfejh1fm7w5r2ag4s0s3zmwg7vh95fgwef0y2v7v9q86zjp62s1c2j6bmrzfnmt12sbq7xj9gc8f6eqytf1khvbwzfx85gvyq250enjde5tpdhmw9ng6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
500821
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3grEVHOTom8BD9BfWXca75OZWRE3VMRr11C8pMIxTJyNQ31yzOLX4DAclQkyJrqTS8WZqPmPFzWfdg24ao0IIjQebO2un2Gt%2BBBPGEoukPyj5BAcZ%2FqnbENFD0A5nu2dZzb%2BCiuTKpc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7f6f5486cdee39ec-FRA
expires
Tue, 15 Aug 2023 07:20:10 GMT
1A3519435B93A8A4F3F6C13959D6951303D43C0A1C67EEC9C84723E6608D860AF870AF3D1E802C8E6A703FE15D4D810EB0CD13D3F6F07FB94916A320CEFB013B
assets.ad4m.at/logo/ Frame 4AFB 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/1A3519435B93A8A4F3F6C13959D6951303D43C0A1C67EEC9C84723E6608D860AF870AF3D1E802C8E6A703FE15D4D810EB0CD13D3F6F07FB94916A320CEFB013B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=6a045a7050e1b74ba1d82576e31e9227%2F11710773295525951317&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410569&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5b3s7g4bkv9g2cgnj4wyapz86344fr6dj0t4ywgr1ttra0fj6xattsv4zsy0edjw2m61pdmcak89vw0vnzwtf5f13gyq20qk76kqbvx57jer5e6mn374pffs4kqsejxak0s8a06z6swcybyrnh65p23hhmk3065s64gyfejh1fm7w5r2ag4s0s3zmwg7vh95fgwef0y2v7v9q86zjp62s1c2j6bmrzfnmt12sbq7xj9gc8f6eqytf1khvbwzfx85gvyq250enjde5tpdhmw9ng6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
898107a317921f1fe8f4784c2a5f9032dba634f89a2c5a31bdaa253206f19eff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1684181
cf-polished
origFmt=png, origSize=155987
alt-svc
h3=":443"; ma=86400
content-length
97378
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 May 2023 10:34:04 GMT
server
cloudflare
etag
"046c487317a4f122cc1e9773901d1d88"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8ZC9asGC%2BW0NUG0emKnzJ64VWBibrCBCoMQc1%2FWK5zXbeN2aziLPAJrA7Pr5SCQEdSInJAUXe3W5BcwyJCy6I3R9Xgj8kkJzeOzXcOhYhUcbJeGoXPmRn5644VC%2FRp16Hf3lzhUwLfXden6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f6f5486ca902c56-FRA
expires
Wed, 16 Aug 2023 06:20:10 GMT
F3A3B7992F041E027EDF5C55060530AEE4F74888194218BF68384A7CF45BCBCEFBE42F66E82D247734FE42733361C61FBF8347907D061895BF7BC8415B5E9D5B
assets.ad4m.at/ Frame 4AFB 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/F3A3B7992F041E027EDF5C55060530AEE4F74888194218BF68384A7CF45BCBCEFBE42F66E82D247734FE42733361C61FBF8347907D061895BF7BC8415B5E9D5B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=6a045a7050e1b74ba1d82576e31e9227%2F11710773295525951317&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410569&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5b3s7g4bkv9g2cgnj4wyapz86344fr6dj0t4ywgr1ttra0fj6xattsv4zsy0edjw2m61pdmcak89vw0vnzwtf5f13gyq20qk76kqbvx57jer5e6mn374pffs4kqsejxak0s8a06z6swcybyrnh65p23hhmk3065s64gyfejh1fm7w5r2ag4s0s3zmwg7vh95fgwef0y2v7v9q86zjp62s1c2j6bmrzfnmt12sbq7xj9gc8f6eqytf1khvbwzfx85gvyq250enjde5tpdhmw9ng6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c03e3b2943f699bc681b4449f737e96566128d62402914d631a6930bfc55106d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
722880
cf-polished
origFmt=png, origSize=167445
alt-svc
h3=":443"; ma=86400
content-length
99202
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 May 2023 10:42:06 GMT
server
cloudflare
etag
"cdf0423881e134b37ad0cbff5572a8e7"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SzAFEpT%2F4gIT4sW32PsdY3uEB4ZKGeB%2Bb%2Fz3iMJ%2BU0eWcjRTN96i8AQ1cVx3U2MfMkouxz%2B27JHoFKMFQ35WZ8g92xIRR%2BX1wgdcZU5855t6NQai6aqA%2F5peibbsVFVej84QqKHcSTZxx1tR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f6f5486cdfc39ec-FRA
expires
Wed, 16 Aug 2023 06:20:10 GMT
/
www.restposten.de/ Frame 4AFB
Redirect Chain
  • https://t.adcell.com/p/view?promoId=309583&slotId=46690&pv=1&htlp=1&subId=oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.restposten.de/?utm_source=ADCELL&utm_medium=Text&utm_campaign=Standard&bid=309583-46690-oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.restposten.de/?utm_source=ADCELL&utm_medium=Text&utm_campaign=Standard&bid=309583-46690-oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=6a045a7050e1b74ba1d82576e31e9227%2F11710773295525951317&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410569&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5b3s7g4bkv9g2cgnj4wyapz86344fr6dj0t4ywgr1ttra0fj6xattsv4zsy0edjw2m61pdmcak89vw0vnzwtf5f13gyq20qk76kqbvx57jer5e6mn374pffs4kqsejxak0s8a06z6swcybyrnh65p23hhmk3065s64gyfejh1fm7w5r2ag4s0s3zmwg7vh95fgwef0y2v7v9q86zjp62s1c2j6bmrzfnmt12sbq7xj9gc8f6eqytf1khvbwzfx85gvyq250enjde5tpdhmw9ng6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
3.124.181.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-181-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

date
Tue, 15 Aug 2023 06:19:42 GMT
strict-transport-security
max-age=15768000
server
myracloud
content-type
text/html
location
https://www.restposten.de/?utm_source=ADCELL&utm_medium=Text&utm_campaign=Standard&bid=309583-46690-oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
cache-control
max-age=0
content-length
0
expires
Tue, 15 Aug 2023 06:19:42 GMT
AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame 4AFB 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=6a045a7050e1b74ba1d82576e31e9227%2F11710773295525951317&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410569&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5b3s7g4bkv9g2cgnj4wyapz86344fr6dj0t4ywgr1ttra0fj6xattsv4zsy0edjw2m61pdmcak89vw0vnzwtf5f13gyq20qk76kqbvx57jer5e6mn374pffs4kqsejxak0s8a06z6swcybyrnh65p23hhmk3065s64gyfejh1fm7w5r2ag4s0s3zmwg7vh95fgwef0y2v7v9q86zjp62s1c2j6bmrzfnmt12sbq7xj9gc8f6eqytf1khvbwzfx85gvyq250enjde5tpdhmw9ng6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ac477d8785a4c9ef373969dd3f047e310bfb60d77bc518593795177bd131227

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1394921
cf-polished
origFmt=png, origSize=60352
alt-svc
h3=":443"; ma=86400
content-length
32982
cf-bgj
imgq:85,h2pri
last-modified
Fri, 28 Jul 2023 11:40:29 GMT
server
cloudflare
etag
"0c5d451d92738dcd96474c734dc5b7c8"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWI9%2FXvTrdwLNKizr0gQ4v76L8haM3yE2vkWT62ceX4v5S%2BrJDDrihZrlRtc0zUWxW9YV5kxLzSj6B8pqwg%2BJEIHfeikI4V1HjyRZGuaKWHoeZyg1KEohmcbeNVowCr%2BCDsyj7RKYuKnvThB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f6f5486de0439ec-FRA
expires
Wed, 16 Aug 2023 06:20:10 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 4AFB 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=6a045a7050e1b74ba1d82576e31e9227%2F11710773295525951317&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410569&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5b3s7g4bkv9g2cgnj4wyapz86344fr6dj0t4ywgr1ttra0fj6xattsv4zsy0edjw2m61pdmcak89vw0vnzwtf5f13gyq20qk76kqbvx57jer5e6mn374pffs4kqsejxak0s8a06z6swcybyrnh65p23hhmk3065s64gyfejh1fm7w5r2ag4s0s3zmwg7vh95fgwef0y2v7v9q86zjp62s1c2j6bmrzfnmt12sbq7xj9gc8f6eqytf1khvbwzfx85gvyq250enjde5tpdhmw9ng6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
788015
cf-polished
origFmt=png, origSize=105738
alt-svc
h3=":443"; ma=86400
content-length
55786
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biBv36JFJFPPwxwpSajhDNwTA3c7OuaOcvDoLu1odZQx%2BtC2H6QQhdzJ7CBxuna%2BnZvM8%2FEWZ5kJsrhRG7jwFV5uQSj0ieQQy%2FBRG6LpCpgIo6EBRUDxJvtNchDiOeJbd0Z%2FX2%2Fbf3Rw32d6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f6f5486de0639ec-FRA
expires
Wed, 16 Aug 2023 06:20:10 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 4AFB 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=6a045a7050e1b74ba1d82576e31e9227%2F11710773295525951317&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410569&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5b3s7g4bkv9g2cgnj4wyapz86344fr6dj0t4ywgr1ttra0fj6xattsv4zsy0edjw2m61pdmcak89vw0vnzwtf5f13gyq20qk76kqbvx57jer5e6mn374pffs4kqsejxak0s8a06z6swcybyrnh65p23hhmk3065s64gyfejh1fm7w5r2ag4s0s3zmwg7vh95fgwef0y2v7v9q86zjp62s1c2j6bmrzfnmt12sbq7xj9gc8f6eqytf1khvbwzfx85gvyq250enjde5tpdhmw9ng6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55fc10baa9c6fa8d98acac31beba1be0e8f688344f243dea838b5b03e8566a3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1405077
cf-polished
origSize=9357, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
4429
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMqie4aq4e07JtKgmbrRAus2K1bXv9UJQyQ6pqcINhg7wy1ipXlELsRQ0QDhwu3gZCqB2f6B3mUKJU%2FNCCQEYKovlCegg5dKF6xpoD1dszrvw%2FU%2BNJefeomWwt9EP9D6VnO8eMKZ%2BlfJ6Tt2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f6f5486de0739ec-FRA
expires
Wed, 16 Aug 2023 06:20:10 GMT
B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 4AFB 		253 KB
254 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=6a045a7050e1b74ba1d82576e31e9227%2F11710773295525951317&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410569&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5b3s7g4bkv9g2cgnj4wyapz86344fr6dj0t4ywgr1ttra0fj6xattsv4zsy0edjw2m61pdmcak89vw0vnzwtf5f13gyq20qk76kqbvx57jer5e6mn374pffs4kqsejxak0s8a06z6swcybyrnh65p23hhmk3065s64gyfejh1fm7w5r2ag4s0s3zmwg7vh95fgwef0y2v7v9q86zjp62s1c2j6bmrzfnmt12sbq7xj9gc8f6eqytf1khvbwzfx85gvyq250enjde5tpdhmw9ng6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2421598
cf-polished
origFmt=png, origSize=431531
alt-svc
h3=":443"; ma=86400
content-length
259252
cf-bgj
imgq:85,h2pri
last-modified
Fri, 16 Jun 2023 10:20:07 GMT
server
cloudflare
etag
"16f7fe8ce7119ba0f513f8179ecb2d3a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qj%2BfkeYWAN3ZIbb0sG08EkoyEl98lBh%2Bp%2B3GdxISZb8KRyaGgRJkBPD2Gf6btDW7twM79vPTCnHhZQTGup1xZvrQ89iHRAsZFXU9B9tRIhgIzBREnDAz5xvzfsDR2XDBQxaWmMMD3X8s5oZV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f6f5486de0839ec-FRA
expires
Wed, 16 Aug 2023 06:20:10 GMT
cshow.php
www.awin1.com/ Frame 4AFB 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=6a045a7050e1b74ba1d82576e31e9227%2F11710773295525951317&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410569&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5b3s7g4bkv9g2cgnj4wyapz86344fr6dj0t4ywgr1ttra0fj6xattsv4zsy0edjw2m61pdmcak89vw0vnzwtf5f13gyq20qk76kqbvx57jer5e6mn374pffs4kqsejxak0s8a06z6swcybyrnh65p23hhmk3065s64gyfejh1fm7w5r2ag4s0s3zmwg7vh95fgwef0y2v7v9q86zjp62s1c2j6bmrzfnmt12sbq7xj9gc8f6eqytf1khvbwzfx85gvyq250enjde5tpdhmw9ng6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Aug 2023 06:20:10 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
link.html
track.webgains.com/ Frame 3686 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k1j5n5apdtykaw2e20mj0vvfeq2zq0540wj7d8bnndkeym2yy75h47vkdsxzj4vccqy93s8m5vg8ybh7077kmc09a03f4h4f9abqq8b6dcmbvq8jz9wqpmca8ggbwh46aax72w6v8xp2e6qk02528yf0bdx4tr1269x1ypf0nbp21mytbewk93vq4r3ff00webvz61p6vpwvx1zx4nnycb0305ny9s7vm8em7qh7sq6f45j42zhwcmj9q0ymqbpbjm0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g74t3dmf0w9v3shzwx6hfyjn7ajtw109j70qck4z4et03hb4x6s2wbnn8aw4nktc9aw5qkjq2gyn1sw9bbakh0p785qhed2sg99apbq6sneqvna6355fcpm9m4cqtj33ch66yp3e3vmbf3we1kd100r2jtxxy9c401bgbr0sbndd1drj84yncs7j6cc5m3tfc4xs6yy6twdfmxp6875r0r2k8xm0txvvj3m4phsq11qyqvk6kbzc8n80sfa7sfsvbfprzryxvhh64452bzz21vjmw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%252526client%25253Dca-pub-1983042674979462%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C22925%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfwP3sVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=7d81e3ce49585635a6483b04b8953953%2F5092173492639382676&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g74t3dmf0w9v3shzwx6hfyjn7ajtw109j70qck4z4et03hb4x6s2wbnn8aw4nktc9aw5qkjq2gyn1sw9bbakh0p785qhed2sg99apbq6sneqvna6355fcpm9m4cqtj33ch66yp3e3vmbf3we1kd100r2jtxxy9c401bgbr0sbndd1drj84yncs7j6cc5m3tfc4xs6yy6twdfmxp6875r0r2k8xm0txvvj3m4phsq11qyqvk6kbzc8n80sfa7sfsvbfprzryxvhh64452bzz21vjmw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.87.167 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-87-167.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
server
awselb/2.0
content-length
45
content-type
text/html
link.html
track.webgains.com/ Frame BE98 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jw58k17yh27qmnhdqfwxmdv8wfped920a8tpd62n2s3ved3y0kt52qv0414zf48jqg88e2cjhq8eb89nwy9z2tw2tb9r3vrkqhd9mrgvcyr14sa4wty0swehw6p0gr7ef6nkw51sj50jvm2kpc8rtcfcmjj42zkn2ajw5ws70xhqdnxy15g5qx1m4vjtd8j62x0dby5g1efgp60ssjg4d7qxqajfbrfznwf7rejq7nbj6yg2a9mvk060jkwjf2ya3pnw%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j3vd6acadt1v45qxa5fxx1p0wkmwap385e9x57e1ts7a414mtybwav5h3a2bj1at0gbj4zh6z3r36k9sjadza6nagvhp1014a38wjysd3m5wvk3cf96ag2ynxt238t35ey405kzdpq7kcbxf8nf4qgs7sdb14b6e17zc7x33k7hk6j4sfc0dde4jejj6gsdxbs5dx5mzshprk8t67fdz3h6d86da5brrpbfhvns2y0d2s36pndes6z4aw63ftm87h7hhywhae177yzsb6z834fv7c%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%252526client%25253Dca-pub-1983042674979462%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=5839870e34d254e5f21845ad7749c4f8%2F15423261383198278964&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3vd6acadt1v45qxa5fxx1p0wkmwap385e9x57e1ts7a414mtybwav5h3a2bj1at0gbj4zh6z3r36k9sjadza6nagvhp1014a38wjysd3m5wvk3cf96ag2ynxt238t35ey405kzdpq7kcbxf8nf4qgs7sdb14b6e17zc7x33k7hk6j4sfc0dde4jejj6gsdxbs5dx5mzshprk8t67fdz3h6d86da5brrpbfhvns2y0d2s36pndes6z4aw63ftm87h7hhywhae177yzsb6z834fv7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.87.167 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-87-167.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
7c09b126e5ab2b4c8c361f683fa988557df8f5b22808894b089aca178c2f926e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
last-modified
Tue, 15 Aug 2023 06:20:10 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 15 Aug 2023 06:21:10 GMT
link.html
track.webgains.com/ Frame 4AFB 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j2ce9mecfxhf0d1vzwshztge9t311y8k47tgcdc4h3pqy7xmr7m49nzgj6cp5ys4cnkrse6x27vacatrcap0jdf7dns6zdnnggczm0mbp2zp1qkmgndc7p3f9nrv43p8vqz4t2bwwwy676bf1nbsvv25fqx55eqz9z1jt6t5p8qmp5ktcvxem6yhtx3m2djc7vv20y71ms2x03p1mj03h38exakqmdbr3g1vte4kakb9qz8w6vf56zg1t3x9fmb804s8%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k5b3s7g4bkv9g2cgnj4wyapz86344fr6dj0t4ywgr1ttra0fj6xattsv4zsy0edjw2m61pdmcak89vw0vnzwtf5f13gyq20qk76kqbvx57jer5e6mn374pffs4kqsejxak0s8a06z6swcybyrnh65p23hhmk3065s64gyfejh1fm7w5r2ag4s0s3zmwg7vh95fgwef0y2v7v9q86zjp62s1c2j6bmrzfnmt12sbq7xj9gc8f6eqytf1khvbwzfx85gvyq250enjde5tpdhmw9ng6c%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%252526client%25253Dca-pub-1983042674979462%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=6a045a7050e1b74ba1d82576e31e9227%2F11710773295525951317&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410569&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5b3s7g4bkv9g2cgnj4wyapz86344fr6dj0t4ywgr1ttra0fj6xattsv4zsy0edjw2m61pdmcak89vw0vnzwtf5f13gyq20qk76kqbvx57jer5e6mn374pffs4kqsejxak0s8a06z6swcybyrnh65p23hhmk3065s64gyfejh1fm7w5r2ag4s0s3zmwg7vh95fgwef0y2v7v9q86zjp62s1c2j6bmrzfnmt12sbq7xj9gc8f6eqytf1khvbwzfx85gvyq250enjde5tpdhmw9ng6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.87.167 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-87-167.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e38ae9d60b373286265d6eea723e68caa6f2fa19227bebccf02dee53b65bef72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
last-modified
Tue, 15 Aug 2023 06:20:10 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 15 Aug 2023 06:21:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7112 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230810&jk=4231817946788915&bg=!lJell8PNAAaiGN5Pghg7ADkAdvg8Wheh7RmwUszrZEPyoSyucjl-DtjXATuTIPJ070PMxfjbpx4OZrKx331URwvAsVYwdveQj6sCAAABIFIAAAAFaAEHCgB8i2OXiJj0AkcSXe4CjT2OwzNPhcuOe3-34IhqzJ2pvIZLhyuXnKO1lEyh_SdE4HoYYA5On1rC6XtGvnRI1WFC9bL7f8ru6rQ6m6P-8_cLFGdjqIOFP3hpyG46vJVAm7VUmHWA0dE-FAyY9anYMKFA04Up04OIGC8k55hLRZkC0LhXzvTNvE3T8dARxN5i0WkUmOAe7oqYRkSHbCE4zbn5OpaUWlwtHZamDKPJRj6EJAYg6lzKpJoFULFAA5n125wsTZsIDoOwJl9bYMw6oz4eLF08PZw-ag7k1ocWBAs167NUK0hhvwkix5ZU9iUgoqGBX0JfQTOzcrIxo3_3vYSq_-MmUFRXb0qjG5jGSkt_TTOI2Nt4sja3MmKdyZDlGIWj9Z4ucfNPWX8aT8LkG2OnKVzLJgGqVRVsILWPr14SvCw3UOu0RkWU44pXTo0eClzCZoRpz_5W-2FSWQxQmB-buBurruLfi02kYShEE3EgnO2hXRT5os3zrQGvU3-PU4W-NGWRTuT-pup9doBXpRDbEN6X6ImzrFIEu_ulUr54RC5x1d1XRPLH0kaJVpTnJ99vta2HlfyB_ceWV_7tTeryRHc4yl9qfuCOXmvT19FUXgViPe2HpE94csWH9cOZWDWJamXqifYVVsn_EViK-iIdeYiXjC5VbXFrIQeD1LoaGs3pHW4JM1OcJ_EfyICTJrbIEMm2yS6pHBgqxawtMiJfy8mDbkKw2eSqTkro_T2YtMO1rwLbyS7VXN4u42KIahRy0PbgzdE-R0saCffPHLBDgzUXllmlPj-QNnZFi-bL4VUFVjvdUY3P-A66YQKrexJvslK2io6gQWn2vNYK_AkLaW3W0GiADDCQPfmQkhwNpkmDR7hCd425oid5ZiUlcuW795bMcNaDCPnFOMFgNsHlYYm61QUluIAffNGZu97qI0-fuIPdZf108gZKnAlUUrrHnXKzhJIeharf_l7KdTdgKIaJu86xl4moeUDR0JmlZaBiR56ug-Wa9aAvVJHzdl2XUMmVU7pRlJqteu0hhcyYxS5S57Ydro00eLinx8u1-GpOuTWJNpAMTJ3ZLCS3ElX-TwnHOUXyaBIlSH-PA5V4zjzfTPyC9QlhLFoBZWKDAw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
pvClk.min.js
analytics.webgains.io/ Frame 4AFB 		51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j2ce9mecfxhf0d1vzwshztge9t311y8k47tgcdc4h3pqy7xmr7m49nzgj6cp5ys4cnkrse6x27vacatrcap0jdf7dns6zdnnggczm0mbp2zp1qkmgndc7p3f9nrv43p8vqz4t2bwwwy676bf1nbsvv25fqx55eqz9z1jt6t5p8qmp5ktcvxem6yhtx3m2djc7vv20y71ms2x03p1mj03h38exakqmdbr3g1vte4kakb9qz8w6vf56zg1t3x9fmb804s8%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k5b3s7g4bkv9g2cgnj4wyapz86344fr6dj0t4ywgr1ttra0fj6xattsv4zsy0edjw2m61pdmcak89vw0vnzwtf5f13gyq20qk76kqbvx57jer5e6mn374pffs4kqsejxak0s8a06z6swcybyrnh65p23hhmk3065s64gyfejh1fm7w5r2ag4s0s3zmwg7vh95fgwef0y2v7v9q86zjp62s1c2j6bmrzfnmt12sbq7xj9gc8f6eqytf1khvbwzfx85gvyq250enjde5tpdhmw9ng6c%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%252526client%25253Dca-pub-1983042674979462%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-41.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:07:29 GMT
content-encoding
gzip
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 14:11:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
30005
etag
W/"cb7accb6a6fc086cd831549a78a2fe42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
EDWSHYWribjkUTbO_8Dpa31L5bNY5jYun7-S-ObF-9aXP8dyTZz6xQ==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 4AFB 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1692080710&Signature=oXOE-ULtUQ6ldwUYawXg~ICuinlSb93-YjK16aTlLk2K3VrGj1JOsayJg0OvfvPiekjfvPup5epL9DgLbRmIYa6EIOIEi8hJzT5AdKQbtBi~lFj~dRqI4WX8d3f05Id4Z0z9R6hww67eUxYjihnC2D~kbXMVXe1cVAUwo4-jCnPnWplj-n~prE5wI17Ec1E71zgML9JXAGa~6u0XkxghxplH0PMhwSp9vV3dztvyTpgXivCw-KtEC2fCs1bLGj1qxVZNu14C5ZXiaZ7cuSnEbN5FoMlA9dO7w7Grqim-nEIV~PM7DkBj11OJSSi8g-wEJoj6pTmGAbNHnKMT37Sxhw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=6a045a7050e1b74ba1d82576e31e9227%2F11710773295525951317&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410569&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5b3s7g4bkv9g2cgnj4wyapz86344fr6dj0t4ywgr1ttra0fj6xattsv4zsy0edjw2m61pdmcak89vw0vnzwtf5f13gyq20qk76kqbvx57jer5e6mn374pffs4kqsejxak0s8a06z6swcybyrnh65p23hhmk3065s64gyfejh1fm7w5r2ag4s0s3zmwg7vh95fgwef0y2v7v9q86zjp62s1c2j6bmrzfnmt12sbq7xj9gc8f6eqytf1khvbwzfx85gvyq250enjde5tpdhmw9ng6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-62.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 14 Aug 2023 08:17:03 GMT
via
1.1 25fe70cc18ad9b2503949e3460083640.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
AMS54-C1
age
79387
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
Fx_Q83znp_t-cxBZ8-w4499tyRbN3W4_XSv61p_qNRMcW7I64ZvXew==
pvClk.min.js
analytics.webgains.io/ Frame BE98 		51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jw58k17yh27qmnhdqfwxmdv8wfped920a8tpd62n2s3ved3y0kt52qv0414zf48jqg88e2cjhq8eb89nwy9z2tw2tb9r3vrkqhd9mrgvcyr14sa4wty0swehw6p0gr7ef6nkw51sj50jvm2kpc8rtcfcmjj42zkn2ajw5ws70xhqdnxy15g5qx1m4vjtd8j62x0dby5g1efgp60ssjg4d7qxqajfbrfznwf7rejq7nbj6yg2a9mvk060jkwjf2ya3pnw%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j3vd6acadt1v45qxa5fxx1p0wkmwap385e9x57e1ts7a414mtybwav5h3a2bj1at0gbj4zh6z3r36k9sjadza6nagvhp1014a38wjysd3m5wvk3cf96ag2ynxt238t35ey405kzdpq7kcbxf8nf4qgs7sdb14b6e17zc7x33k7hk6j4sfc0dde4jejj6gsdxbs5dx5mzshprk8t67fdz3h6d86da5brrpbfhvns2y0d2s36pndes6z4aw63ftm87h7hhywhae177yzsb6z834fv7c%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%252526client%25253Dca-pub-1983042674979462%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-41.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:07:29 GMT
content-encoding
gzip
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 14:11:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
30005
etag
W/"cb7accb6a6fc086cd831549a78a2fe42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
dT0qjtegZf9GBVqA7ZVA88oidz1ZKeDAnZeHSDDK5xS9TYidxfEWrg==
link.html
track.webgains.com/ Frame BE98 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=3756941
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=5839870e34d254e5f21845ad7749c4f8%2F15423261383198278964&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3vd6acadt1v45qxa5fxx1p0wkmwap385e9x57e1ts7a414mtybwav5h3a2bj1at0gbj4zh6z3r36k9sjadza6nagvhp1014a38wjysd3m5wvk3cf96ag2ynxt238t35ey405kzdpq7kcbxf8nf4qgs7sdb14b6e17zc7x33k7hk6j4sfc0dde4jejj6gsdxbs5dx5mzshprk8t67fdz3h6d86da5brrpbfhvns2y0d2s36pndes6z4aw63ftm87h7hhywhae177yzsb6z834fv7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.87.167 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-87-167.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
4678201b0274f75c6f34a6810d09fe2e90eb9cd736c0cfd7487f1d7974569c4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:10 GMT
last-modified
Tue, 15 Aug 2023 06:20:10 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 15 Aug 2023 06:21:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 420A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230810&jk=964398651614398&bg=!qKulq__NAAaiGN5Pghg7ADkAdvg8WoG1KnzN5zoRPxwA2KdY2ODewB4ZZsGaTTkwEVhdOh7fW6tuvPLwYSNTAzp7jwyw0PHfKMwCAAABjFIAAAAHaAEHCgB79cai-HOojUE4p8qymQHf-1c3UET28PL4VgsWW9FMBfGSfvktgkj2UUKJVyy_Bkkp2vpMS4zIIVAtfGaMLCb8ZH5fpmNkoHFfn0eopHBPYFTL9dg3xxrTtp71gnlcI6etCxGDBHnTW403nyZe7edEvgfCXVpBhZhX0ByXmQLUeJm_YxQqE_gn6wk64niF5RcZYT6VomwJls7vZy_db0FtkueLZxLdsG4RYyfv_GWiYifXsX62N0Olg3MgAvg23V_kGshc52qH0RV8OVQoJ0u4EUvSPUypmEN7PBdwmyNnJCeZdLY6yfHQsVbK18feTkjinoVPEwCVbZVw3mIh1br71shjLzxf5Sl5U9mpVqqXlnpumWnNpIuZtTUSQE_sn9BtQKioZuU6LNpzNaiMP7Bm4ymbojEKIb8D0DJ3UPVM4AlgYH5ES-qDOuAh5oyBzC4CZHo_um_9FeYs1mFEU4CMDjrj7IS1i_V3h8sNcPb2H0UZr-PVm0OWXhFtqwZY-B-SC4nFUDWu5D9D74xglDfz3wK9H-X5-e_oXwGR87pQibrBfeXkmgRKtVBW6eix7b2pMGZmipq-eEa2nw0qznHoposcp_cLwb9cniH3GFAJe2xhDDLhz6XLCAJmaH8DGCYxBhmVpUwoV8qeSc3iNKWwuL1pUBw8RIB6FtRK5hYeX_QdasW6c-B8lgsuSQpik6zH3gApMUWDK3uE3D5BqQhJJs9aNheknV1BH_PSyEhX7O430gYwlgSdHlvzx-ipv0Mb-_WoguvyiSQcV50t9yVq6_k4ZpKb3WbJn0BBipSv11Xf4JH-O1if7Li5qSl5JJbmvJ_opbiEGgDulayKF0cmIlLEevsSzorDdNvBNZHE5M2lq_7X04_piiO-siwQTSMwz7OU9WyYjymqqPF4hvj-JA6uw0MD5DtoVuw0SIqRq2lJJh6P1x5BV0D4UKdalYsjI8yJ4PASoOwxbIlw9FjBXKqfXNBBVU4JvdQ6_DqzQpt6OU1Zud2bTUkDFdHRIW8OXghi4frLh9al5z6gp38QBlWdGPuLwOINDaAluVXXHcAw8iNcYPiuZwg6VWdkNQflks1poqa4Z3DOtBwOU42My2xYLQbi36ojFowHSlgPswEHhw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
idSync
sync.aralego.com/ 		35 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:12 GMT
connection
close
content-length
35
content-type
image/gif
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.43.74.95 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-43-74-95.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 15 Aug 2023 06:20:12 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 4AFB 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.43.74.95 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-43-74-95.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Aug 2023 06:20:12 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame BE98 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.43.74.95 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-43-74-95.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Aug 2023 06:20:12 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.43.74.95 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-43-74-95.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 15 Aug 2023 06:20:12 GMT
server
nginx
idSync
sync.aralego.com/ Frame 7E90 		35 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:12 GMT
connection
close
content-length
35
content-type
image/gif
idSync
sync.aralego.com/ Frame 7112 		35 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:12 GMT
connection
close
content-length
35
content-type
image/gif
idSync
sync.aralego.com/ Frame 420A 		35 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync
Requested by
Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:12 GMT
connection
close
content-length
35
content-type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 3385 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0x2X6nZTJv3x1jHfGX6Xik_A8mrZ4Jo7yvbvGg8vjULZ47W8WUtGCQW42Q-ujz2OKf7nV4FYSOMUQPiS5zCQy35lt6a77DllhM9NN43otFMONlWebpFnfWG5OUIvnIFo&sai=AMfl-YSulI6re8NBR5C83h1aD8chQrhVpY6eoSgvwa-akIGpVGFI4PF3E74d0p70DlFWBonDTXChCc0uiOjQJ0NAp6FVbVHMmJb7TcShRxIyivar0uHMRwXrrf-HOLKm&sig=Cg0ArKJSzCCXXheZGV8pEAE&cid=CAQSPABpAlJWsYKXkeLee26l99NnSWPbblckEKxb84wnMdv5_s2gvZUX_drgkxcmHF-d16LnyITMyzAsAouxSRgB&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,189,335%26tos%3D2062,0,0,0,0%26mtos%3D2062,2062,2062,2062,2062%26amtos%3D0,0,0,0,0%26mcvt%3D2062%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2224%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D39%26pst%3D202%26dur%3D15018%26vmtime%3D2233%26dtos%3D2062%26dtoss%3D1%26dvs%3D2062%26dfvs%3D2062%26dvpt%3D2224%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D466637042%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2062&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1692080410424
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-PPY9Z37CCJ&gtm=45je3890&_p=1772006471&cid=433030508.1692080408&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=3&sid=1692080407&sct=1&seg=0&dl=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F3&dt=%233470022%23%E4%BB%8A%E6%97%A5%E4%BF%BE%E5%80%8B%E8%81%B7%E5%93%A1%E5%8F%AB%E6%88%91%E5%8E%BB%E7%9F%B3%E9%96%80%E6%8B%8E%E5%AD%B8%E7%94%9F%E8%AD%89&en=ad_impression&ep.query_id=CK3Y0d2C3oADFQLA3god3T8LuA&_et=1256
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PPY9Z37CCJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lihkg.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 3385
Redirect Chain
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUxIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY...
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=cb308c0b-204b-4bf8-b5ae-56b3356caf2b&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...
43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10173&asId=cb308c0b-204b-4bf8-b5ae-56b3356caf2b&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Protocol
H2
Server
2600:1f18:1aca:4281:e148:1293:6d53:b2b9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:14 GMT
server
nginx
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Redirect headers

Location
https://dt.adsafeprotected.com/dt?anId=10173&asId=cb308c0b-204b-4bf8-b5ae-56b3356caf2b&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Date
Tue, 15 Aug 2023 06:20:14 GMT
Connection
keep-alive
Content-Length
0
Vary
Origin
Content-Type
image/png
dc_oe=ChMIwNb43YLegAMVKF2kBB0mIw9SEAAYACDQ295aOhkIkfXfZxCr9_bAsAQY7vmM4wMguJid9eoRQhMIrdjR3YLegAMVAsDeCh3dPwu4;dc_rmcid=CAQSPABpAlJWsYKXkeLee26l99NnSWPbblckEKxb84wnMdv5_s2gvZUX_drgkxcmHF-d16LnyITMy...
ade.googlesyndication.com/ddm/activity/ Frame 3385 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwNb43YLegAMVKF2kBB0mIw9SEAAYACDQ295aOhkIkfXfZxCr9_bAsAQY7vmM4wMguJid9eoRQhMIrdjR3YLegAMVAsDeCh3dPwu4;dc_rmcid=CAQSPABpAlJWsYKXkeLee26l99NnSWPbblckEKxb84wnMdv5_s2gvZUX_drgkxcmHF-d16LnyITMyzAsAouxSRgB;eps=CIDhgBAQARgdMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,189,335%26tos%3D3654,0,0,0,0%26mtos%3D3654,3654,3654,3654,3654%26amtos%3D0,0,0,0,0%26mcvt%3D3654%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3816%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D202%26dur%3D15018%26vmtime%3D3826%26dtos%3D1592%26dtoss%3D2%26dvs%3D1592%26dfvs%3D1592%26dvpt%3D1592%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3654,3654,3654,3654,3654%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D466637042%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3654;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1692080410424;ecn1=1;etm1=0;eid1=960584;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 3385 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CxZlrGBnbZK3sN4KA-wbd_6zAC5z7wM9xuJid9eoRv-iivcABEAEgxqWvPGCVgoCAsAfIAQWpAgk1wegDTrI-qAMByAObBKoEhwJP0BOIYBM9A9SrXuYpk1IKsxf1aeb5Q9_PbBvHlP9SAS8v2CwxQxbeenJOx95d-EOJKEClnzS8BIsTGdh8XtdbLZzvdC8QQ1-goU4f4wHP7sqzsKT6z6myEvRNED4Vlc-N2op00hYGMPhNhW07EgkJNRcg8JXAJeyaPbP0t6E6HMR4IfPo-Mg9dNFdDSALOrUcwi7xTfqgWPiADKNCdpOMGRJ2Y23RHwyZi0OU4pcmnbdPicivkP2nVIt7J2BK4lswQB7Iif8eDb9AnIEaQPi4JpITiTRUVs2bwYTlsOP-CK80HA5higIZWZvdFkV8f3CQSukuXl94uQ1tGGxWl2KM1Jdhd8GT_MAEq_f2wLAE4AQDkAYBoAZOgAfPv8FnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAgqBgoEw7CxAqoNAkRFyA0BsBOYwY0UyBPu-YzjA9ATANgTCogUBtgUAdAVAfgWAYAXAegXBQ&sigh=Poapph1FTZQ&label=videoplaytime25&ad_mt=3826&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,189,335%26tos%3D3654,0,0,0,0%26mtos%3D3654,3654,3654,3654,3654%26amtos%3D0,0,0,0,0%26mcvt%3D3654%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3816%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D202%26dur%3D15018%26vmtime%3D3826%26dtos%3D1592%26dtoss%3D2%26dvs%3D1592%26dfvs%3D1592%26dvpt%3D1592%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3654,3654,3654,3654,3654%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D466637042%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3654&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1692080410424
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 06:20:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/palmate-lihkg/trc/3/ Frame 6059 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-lihkg/trc/3/json?tim=08%3A20%3A14.375&lti=deflated&data=%7B%22id%22%3A563%2C%22ii%22%3A%22%2Fsmj%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1692008208716%2C%22vi%22%3A1692080414372%2C%22cv%22%3A%2220230814-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpb.lihkg.com%2Fsmj%3Ftheme%3Dlight%26passback%3D1%26platform%3Dmobile-web%26is_mobile%3D1%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A1%2C%22ga%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fpb.lihkg.com%2Fsmj%3Ftheme%3Dlight%26passback%3D1%26platform%3Dmobile-web%26is_mobile%3D1%22%2C%22vpi%22%3A%22%2Fsmj%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A320%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A320%2C%22dh%22%3A250%2C%22qs%22%3A%22%3Ftheme%3Dlight%26passback%3D1%26platform%3Dmobile-web%26is_mobile%3D1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-gam-300x250%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnail%20300x250%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnail%20300x250%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fsmj%2CMid%20Article%20Thumbnail%20300x250%3Dthumbnails-gam-300x250%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230814-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1b1c49de182d613a0cdba7e6f329ce9f4616136aa902e576d637a97abd8c91bc

Request headers

Referer
https://pb.lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
113
date
Tue, 15 Aug 2023 06:20:14 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
8043
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230040-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1692080414.397393,VS0,VE113
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://pb.lihkg.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
json
trc.taboola.com/palmate-lihkg/trc/3/ Frame 695E 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-lihkg/trc/3/json?tim=08%3A20%3A14.476&lti=deflated&data=%7B%22id%22%3A368%2C%22ii%22%3A%22%2Fsmj%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1692008208716%2C%22vi%22%3A1692080414474%2C%22cv%22%3A%2220230814-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpb.lihkg.com%2Fsmj%3Ftheme%3Dlight%26passback%3D1%26platform%3Dmobile-web%26is_mobile%3D1%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A1%2C%22ga%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fpb.lihkg.com%2Fsmj%3Ftheme%3Dlight%26passback%3D1%26platform%3Dmobile-web%26is_mobile%3D1%22%2C%22vpi%22%3A%22%2Fsmj%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A320%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A320%2C%22dh%22%3A250%2C%22qs%22%3A%22%3Ftheme%3Dlight%26passback%3D1%26platform%3Dmobile-web%26is_mobile%3D1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-gam-300x250%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnail%20300x250%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnail%20300x250%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fsmj%2CMid%20Article%20Thumbnail%20300x250%3Dthumbnails-gam-300x250%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230814-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
504a6d07af6da73a36b08e1874b90b5a25bef74c4fb662f6f6a0a202006d65d6

Request headers

Referer
https://pb.lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
225
date
Tue, 15 Aug 2023 06:20:14 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
7348
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230040-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1692080414.482674,VS0,VE225
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://pb.lihkg.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
userx.20230814-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 6059 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230814-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93877fb41c311f4d325de99f371c6640e389236f529bdef4761045706de75736

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
_w3.F96lQpHbwr92u98POqVDYRf6TW4S
content-encoding
gzip
via
1.1 varnish
date
Tue, 15 Aug 2023 06:20:14 GMT
x-amz-request-id
KRXF5WXRFF8JHWQB
age
71617
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
W0jGnMxWrNrHokt+wOmsOVDIjZwRKbiJqrhslUJLV23G3z/9Z3a3bv8ylct5CmhBKdZOSSfx8P0=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Mon, 14 Aug 2023 10:26:38 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692080415.549403,VS0,VE0
etag
"5f72614281faa88c95e3ffc502746f47"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
33
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
27619
abtests
am-trc-events.taboola.com/palmate-lihkg/log/3/ Frame 6059 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-lihkg/log/3/abtests?route=AM:AM:V&lti=deflated&ri=c1f3ba6adfd9a7e4ccd7f8073772ccf1&sd=v2_3336ab307ad1c49aacb8a6c88f563099_7892d405-3bab-4e90-be00-eab7468517ba-tuctbd49e9e_1692080414_1692080414_CNawjgYQuLpcGKS96L6fMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABog4mFjq2K96socAA&ui=7892d405-3bab-4e90-be00-eab7468517ba-tuctbd49e9e&pi=/smj&wi=-8323673355417702064&pt=text&vi=1692080414372&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1692080414537%7D&tim=08%3A20%3A14.538&id=2417&llvl=2&cv=20230814-2-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 15 Aug 2023 06:20:14 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
507031275__TmQQOc4N.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ Frame 6059 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/507031275__TmQQOc4N.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ee5d413bfe307fddfdfd40f37561f408cd5bcecf5990d9a0fd289bf431fb316d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 15 Aug 2023 06:20:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/507031275__TmQQOc4N.jpg
age
1009137
edge-cache-tag
313869185077115224210820210540848029394,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
313869185077115224210820210540848029394,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
775
req-referer
https://ads.taboola.com/
content-length
10486
x-request-id
c377ac7e12ad7b1207ed7b2d8faef5b2
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200024-IAD, cache-iad-kiad7000127-IAD, cache-lga21978-LGA, cache-iad-kcgs7200154-IAD, cache-fra-eddf8230040-FRA
last-modified
Thu, 03 Aug 2023 14:01:16 GMT
server
nginx
x-timer
S1692080415.566054,VS0,VE1
etag
"7448ed733c8c0ee628853f5e206843ae"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 3, 1
debug
am-trc-events.taboola.com/palmate-lihkg/log/2/ Frame 6059 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-lihkg/log/2/debug?tim=08%3A20%3A14.566&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=9655&cv=20230814-2-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:14 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28171
userx.20230814-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 695E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230814-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93877fb41c311f4d325de99f371c6640e389236f529bdef4761045706de75736

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
_w3.F96lQpHbwr92u98POqVDYRf6TW4S
content-encoding
gzip
via
1.1 varnish
date
Tue, 15 Aug 2023 06:20:14 GMT
x-amz-request-id
KRXF5WXRFF8JHWQB
age
71617
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
W0jGnMxWrNrHokt+wOmsOVDIjZwRKbiJqrhslUJLV23G3z/9Z3a3bv8ylct5CmhBKdZOSSfx8P0=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Mon, 14 Aug 2023 10:26:38 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692080415.737815,VS0,VE0
etag
"5f72614281faa88c95e3ffc502746f47"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
52
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
27620
fix-user-id
trc.taboola.com/palmate-lihkg/log/3/ Frame 695E 		0
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/palmate-lihkg/log/3/fix-user-id?lti=deflated&ri=f42c52acb7ffa0da0c23221855f2c48f&sd=v2_b010fb0bde92e18077c072897c10f3ce_4d691145-3f79-4e84-b7b5-25ddbfd12ba9-tuctbd49e9e_1692080414_1692080414_CNawjgYQuLpcGIq-6L6fMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABog4mFjq2K96socAA&ui=4d691145-3f79-4e84-b7b5-25ddbfd12ba9-tuctbd49e9e&pi=/smj&wi=-8323673355417702064&pt=text&vi=1692080414474&time=1692080414725&fromUser=7892d405-3bab-4e90-be00-eab7468517ba-tuctbd49e9e&toUser=4d691145-3f79-4e84-b7b5-25ddbfd12ba9-tuctbd49e9e&fromSD=v2_3336ab307ad1c49aacb8a6c88f563099_7892d405-3bab-4e90-be00-eab7468517ba-tuctbd49e9e_1692080414_1692080414_CNawjgYQuLpcGKS96L6fMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABog4mFjq2K96socAA&toSD=v2_b010fb0bde92e18077c072897c10f3ce_4d691145-3f79-4e84-b7b5-25ddbfd12ba9-tuctbd49e9e_1692080414_1692080414_CNawjgYQuLpcGIq-6L6fMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABog4mFjq2K96socAA&tim=08%3A20%3A14.725&id=4573&llvl=2&cv=20230814-2-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Tue, 15 Aug 2023 06:20:14 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7350
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230040-FRA
pragma
no-cache
server
nginx
x-timer
S1692080415.737873,VS0,VE9
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
abtests
am-trc-events.taboola.com/palmate-lihkg/log/3/ Frame 695E 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-lihkg/log/3/abtests?route=AM:AM:V&lti=deflated&ri=f42c52acb7ffa0da0c23221855f2c48f&sd=v2_b010fb0bde92e18077c072897c10f3ce_4d691145-3f79-4e84-b7b5-25ddbfd12ba9-tuctbd49e9e_1692080414_1692080414_CNawjgYQuLpcGIq-6L6fMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABog4mFjq2K96socAA&ui=4d691145-3f79-4e84-b7b5-25ddbfd12ba9-tuctbd49e9e&pi=/smj&wi=-8323673355417702064&pt=text&vi=1692080414474&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1692080414729%7D&tim=08%3A20%3A14.729&id=5506&llvl=2&cv=20230814-2-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 15 Aug 2023 06:20:14 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
7dc01b4b8b24c9f287a823a33d3e2bfe.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 695E 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7dc01b4b8b24c9f287a823a33d3e2bfe.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
406a343022f9fa770b7785a66f0c2c49fadb7c350d3f12abd13eee4fca905ed8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 15 Aug 2023 06:20:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7dc01b4b8b24c9f287a823a33d3e2bfe.png
age
2198284
edge-cache-tag
326589092588721122728896016918352609749,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
326589092588721122728896016918352609749,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
539
req-referer
https://www.gazetevatan.com/
content-length
25378
x-request-id
6c4efeead54617e362ea96cb074a732f
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100115-IAD, cache-iad-kjyo7100176-IAD, cache-chi-klot8100053-CHI, cache-iad-kcgs7200110-IAD, cache-fra-eddf8230040-FRA
last-modified
Fri, 14 Jul 2023 15:01:56 GMT
server
nginx
x-timer
S1692080415.747505,VS0,VE1
etag
"13538a60d4f17d655b36846ad0a9a27e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 16, 1
debug
am-trc-events.taboola.com/palmate-lihkg/log/2/ Frame 695E 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-lihkg/log/2/debug?tim=08%3A20%3A14.754&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=8263&cv=20230814-2-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:14 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28140
json
trc.taboola.com/palmate-lihkg/trc/3/ Frame 2D5B 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-lihkg/trc/3/json?tim=08%3A20%3A14.816&lti=block_clicks_time_comp_ctrl&data=%7B%22id%22%3A119%2C%22ii%22%3A%22%2Fsmj%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_b010fb0bde92e18077c072897c10f3ce_4d691145-3f79-4e84-b7b5-25ddbfd12ba9-tuctbd49e9e_1692080414_1692080414_CNawjgYQuLpcGIq-6L6fMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABog4mFjq2K96socAA%22%2C%22ui%22%3A%224d691145-3f79-4e84-b7b5-25ddbfd12ba9-tuctbd49e9e%22%2C%22uifp%22%3A%224d691145-3f79-4e84-b7b5-25ddbfd12ba9-tuctbd49e9e%22%2C%22lbt%22%3A1692008208716%2C%22vi%22%3A1692080414813%2C%22cv%22%3A%2220230807-18-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpb.lihkg.com%2Fsmj%3Ftheme%3Dlight%26is_mobile%3D1%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A12614%2C%22cmps%22%3A1%2C%22ga%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fpb.lihkg.com%2Fsmj%3Ftheme%3Dlight%26is_mobile%3D1%22%2C%22vpi%22%3A%22%2Fsmj%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22qs%22%3A%22%3Ftheme%3Dlight%26is_mobile%3D1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-gam-300x250%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnail%20300x250%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnail%20300x250%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fsmj%2CMid%20Article%20Thumbnail%20300x250%3Dthumbnails-gam-300x250%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22block_clicks_time_comp_ctrl%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230807-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7ee304674e633ce582775e35025dc9cd85f47486a4e9d398330b2bdcfa41915

Request headers

Referer
https://pb.lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
107
date
Tue, 15 Aug 2023 06:20:14 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
7148
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230040-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1692080415.824662,VS0,VE107
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://pb.lihkg.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
userx.20230807-18-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 2D5B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230807-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e95b93d794de341ceb2c728adf7382715deef5d230b18c2f75f8ece0ed2871f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
9GMR2uQcTtaxVzNFsdSXsBa1nfiRPpm4
content-encoding
gzip
via
1.1 varnish
date
Tue, 15 Aug 2023 06:20:14 GMT
x-amz-request-id
T9ACFN160ZZ5MJ7K
age
668272
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5399
x-amz-id-2
qqzf+UsaPxh8EfZZGtB+3Al+bilDVeeMwKnJoGiV4396YeSvYukmkRVzXEk5QVQjxq4Rngri2S8=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Mon, 07 Aug 2023 12:31:53 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692080415.968085,VS0,VE0
etag
"1fe061f4363ed597e912f89af7d45fdd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
84
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
9758
abtests
am-trc-events.taboola.com/palmate-lihkg/log/3/ Frame 2D5B 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-lihkg/log/3/abtests?route=AM:AM:V&lti=block_clicks_time_comp_ctrl&ri=1a52e20bb4fa72212486488dccd32848&sd=v2_b010fb0bde92e18077c072897c10f3ce_4d691145-3f79-4e84-b7b5-25ddbfd12ba9-tuctbd49e9e_1692080414_1692080414_CNawjgYQuLpcGN3A6L6fMSACKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABog4mFjq2K96socAA&ui=4d691145-3f79-4e84-b7b5-25ddbfd12ba9-tuctbd49e9e&pi=/smj&wi=-8323673355417702064&pt=text&vi=1692080414813&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1692080414957%7D&tim=08%3A20%3A14.957&id=9575&llvl=2&cv=20230807-18-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 15 Aug 2023 06:20:14 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
507031275__TmQQOc4N.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ Frame 6059 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/507031275__TmQQOc4N.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ee5d413bfe307fddfdfd40f37561f408cd5bcecf5990d9a0fd289bf431fb316d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 15 Aug 2023 06:20:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/507031275__TmQQOc4N.jpg
age
1009137
edge-cache-tag
313869185077115224210820210540848029394,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
313869185077115224210820210540848029394,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
775
req-referer
https://ads.taboola.com/
content-length
10486
x-request-id
c377ac7e12ad7b1207ed7b2d8faef5b2
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200024-IAD, cache-iad-kiad7000127-IAD, cache-lga21978-LGA, cache-iad-kcgs7200154-IAD, cache-fra-eddf8230040-FRA
last-modified
Thu, 03 Aug 2023 14:01:16 GMT
server
nginx
x-timer
S1692080415.982191,VS0,VE0
etag
"7448ed733c8c0ee628853f5e206843ae"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 3, 2
7dc01b4b8b24c9f287a823a33d3e2bfe.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 695E 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7dc01b4b8b24c9f287a823a33d3e2bfe.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
406a343022f9fa770b7785a66f0c2c49fadb7c350d3f12abd13eee4fca905ed8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 15 Aug 2023 06:20:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7dc01b4b8b24c9f287a823a33d3e2bfe.png
age
2198284
edge-cache-tag
326589092588721122728896016918352609749,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
326589092588721122728896016918352609749,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
539
req-referer
https://www.gazetevatan.com/
content-length
25378
x-request-id
6c4efeead54617e362ea96cb074a732f
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100115-IAD, cache-iad-kjyo7100176-IAD, cache-chi-klot8100053-CHI, cache-iad-kcgs7200110-IAD, cache-fra-eddf8230040-FRA
last-modified
Fri, 14 Jul 2023 15:01:56 GMT
server
nginx
x-timer
S1692080415.982599,VS0,VE0
etag
"13538a60d4f17d655b36846ad0a9a27e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 16, 2
6c0c22c51ebee620be21da160201de42.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2D5B 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c0c22c51ebee620be21da160201de42.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d86b86af74b80156cdddf0e9334dd1c868838e36e4e55537ea3d67cca50f51ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 15 Aug 2023 06:20:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c0c22c51ebee620be21da160201de42.png
age
3540770
edge-cache-tag
614864820090109347195755692061116706336,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
614864820090109347195755692061116706336,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
215
expiration
expiry-date="Sat, 29 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://de.starsinsider.com/
content-length
26492
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000114-IAD, cache-iad-kjyo7100128-IAD, cache-sna10729-LGB, cache-iad-kcgs7200145-IAD, cache-fra-eddf8230040-FRA
last-modified
Wed, 28 Jun 2023 08:00:55 GMT
server
nginx
x-timer
S1692080415.990801,VS0,VE1
etag
"624f479eb0fb97507cfcfce48774faae"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1734, 1
debug
am-trc-events.taboola.com/palmate-lihkg/log/2/ Frame 2D5B 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-lihkg/log/2/debug?tim=08%3A20%3A14.998&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=7372&cv=20230807-18-RELEASE&lt=block_clicks_time_comp_ctrl&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:20:15 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28170
6c0c22c51ebee620be21da160201de42.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2D5B 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c0c22c51ebee620be21da160201de42.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d86b86af74b80156cdddf0e9334dd1c868838e36e4e55537ea3d67cca50f51ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 15 Aug 2023 06:20:15 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c0c22c51ebee620be21da160201de42.png
age
3540770
edge-cache-tag
614864820090109347195755692061116706336,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag
614864820090109347195755692061116706336,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
215
expiration
expiry-date="Sat, 29 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://de.starsinsider.com/
content-length
26492
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000114-IAD, cache-iad-kjyo7100128-IAD, cache-sna10729-LGB, cache-iad-kcgs7200145-IAD, cache-fra-eddf8230040-FRA
last-modified
Wed, 28 Jun 2023 08:00:55 GMT
server
nginx
x-timer
S1692080415.028886,VS0,VE0
etag
"624f479eb0fb97507cfcfce48774faae"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1734, 2
bulk
trc.taboola.com/palmate-lihkg/log/3/ Frame 6059 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-lihkg/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230814-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pb.lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Tue, 15 Aug 2023 06:20:15 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7429
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230040-FRA
pragma
no-cache
server
nginx
x-timer
S1692080416.559908,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://pb.lihkg.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bulk
trc.taboola.com/palmate-lihkg/log/3/ Frame 695E 		0
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-lihkg/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230814-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pb.lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
8
date
Tue, 15 Aug 2023 06:20:15 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7352
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230040-FRA
pragma
no-cache
server
nginx
x-timer
S1692080416.742662,VS0,VE8
content-type
image/gif
access-control-allow-origin
https://pb.lihkg.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bulk
trc.taboola.com/palmate-lihkg/log/3/ Frame 2D5B 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-lihkg/log/3/bulk?route=AM%3AAM%3AV&lti=block_clicks_time_comp_ctrl&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230807-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pb.lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Tue, 15 Aug 2023 06:20:15 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7348
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230040-FRA
pragma
no-cache
server
nginx
x-timer
S1692080416.979718,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://pb.lihkg.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
visible
trc.taboola.com/palmate-lihkg/log/3/ Frame 2D5B 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-lihkg/log/3/visible?route=AM%3AAM%3AV&lti=block_clicks_time_comp_ctrl
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230807-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pb.lihkg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
8
date
Tue, 15 Aug 2023 06:20:15 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7175
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230040-FRA
pragma
no-cache
server
nginx
x-timer
S1692080416.987406,VS0,VE8
content-type
image/gif
access-control-allow-origin
https://pb.lihkg.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 2D5B 		254 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pb.lihkg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Tue, 15 Aug 2023 06:20:16 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
28387
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1692080416.015823,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
33
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
5616

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gocm.c.appier.net
URL
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
Domain
gocm.c.appier.net
URL
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
Domain
gocm.c.appier.net
URL
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
Domain
gocm.c.appier.net
URL
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 function| gtag object| googletag object| pbjs object| dataLayer object| webpackJsonp object| pbjsChunk object| _pbjsGlobals object| google_tag_manager object| google_tag_data object| gaGlobal function| setImmediate function| clearImmediate object| regeneratorRuntime object| core boolean| _babelPolyfill object| test function| _ function| iFrameResize object| fabric object| __cfBeacon object| ggeac object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint object| reviveAsync object| __consolidated_events_handlers__ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_140 object| Criteo object| Criteo_identitytag_140 object| google_image_requests object| GoogleGcLKhOms

48 Cookies

Domain/Path Name / Value
lihkg.com/ Name: PHPSESSID
Value: 7796mmasn431daut24vu9dvmqa
.lihkg.com/ Name: __cfruid
Value: 13a8a5cf0cbb2a4dd5894f3d0acbbd09df4eb5b2-1692080406
lihkg.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
adv.lihkg.com/ Name: OAGEO
Value: 2%7CDE%7CEU%7C1%7C%7C%7C51.2993%7C9.491%7C100%7CEurope%2FBerlin%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
.lihkg.com/ Name: __cf_bm
Value: BZ3LfwAEEr__2JNBm9y8lVwAAnbzuh4DKm_1IS4TOdE-1692080407-0-Afko5fqPvP6ifjc42/ETUs8uTAJm8MtTzup74BeZTu6XCyECO/N1y7ZN3Z4xZBd866mpDv8zA92ZcyCWDQYeKo4=
.lihkg.com/ Name: _cfuvid
Value: Is_RzujrJD.QNXMFn4hIY1Ctr1Eg1ceDwgKG82lvCoo-1692080407264-0-604800000
.lihkg.com/ Name: cf_clearance
Value: wr2voKjKKgHGkMbn3Z0jU9rpgz72.b0zUtZoXbf2u38-1692080407-0-1-2aec8896.24815f2.d2dcfced-0.2.1692080407
.lihkg.com/ Name: _ga
Value: GA1.1.433030508.1692080408
.lihkg.com/ Name: _ga_L8WS4GS6YR
Value: GS1.1.1692080407.1.0.1692080407.0.0.0
pb.lihkg.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
adv.lihkg.com/ Name: OAID
Value: a787ace3fef33f018410799b6401d18f
.lihkg.com/ Name: __gads
Value: ID=a4486df6b4b743d3-22dd0d1051de0024:T=1692080408:RT=1692080408:S=ALNI_MaNXIRS5v2QRgdWcrV7Kh5VAyadvQ
.lihkg.com/ Name: __gpi
Value: UID=00000c6091fc3334:T=1692080408:RT=1692080408:S=ALNI_MacaKrDvSfAef1seTFMMJ-rToKAcA
.criteo.com/ Name: uid
Value: 32cabee7-d68d-45fd-bc6c-034206004d9c
.lihkg.com/ Name: cto_bundle
Value: bhakAV9rb0hLR2IyRTduQUNISjhaQ3JWRzdhRXpuTVRIV3QxTjJYRFlBSTdRR0NOZFhCUzZWVDhPSEd0VzFObTF5ZU83SDAlMkZwbnB3dzdCNGFHMEkxc3ByaTdTOFY1WlNHU0FjY3h6WVNyTUtUOHh5RmVXNm1XTiUyQnh3azhTVGVwWmNZSTNqMDBPQWdEUHhOekRFblJZWG5LZ3lnJTNEJTNE
.doubleclick.net/ Name: IDE
Value: AHWqTUl-1wUEox8c7QiXINMjjkGyO6Xt7L3UFfJj10dECM3VD2HAxrwG4_3YaRV6zjE
.lihkg.com/ Name: _ga_PPY9Z37CCJ
Value: GS1.1.1692080407.1.0.1692080409.58.0.0
.doubleclick.net/ Name: APC
Value: AfxxVi5d-zYzE3ICIO9iQI23gRMu6rieEie4I_tZWWb1f-jzYb-zeg
.w55c.net/ Name: wfivefivec
Value: 0f7kpvHz1QvNpv5
.w55c.net/ Name: matchgoogle
Value: 5
.adfarm1.adition.com/ Name: UserID1
Value: 7267430018880764052
.mathtag.com/ Name: mt_mop
Value: 4:1692080409
.agkn.com/ Name: ab
Value: 0001%3AGSiCDHZZHkiiXs1TE9ESMn9%2BAsAJYM9G
.agkn.com/ Name: u
Value: C|0CEAsbdWZLG3VmQAAAAAAAQ13AQCAAQpAAAAAAA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZNsZGQAIqg6DsgAN
.adnxs.com/ Name: uuid2
Value: 1016948114067668934
.adform.net/ Name: C
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-32dc504b-8510-48f7-b414-439fc78fdb71-003%22%7D
.adform.net/ Name: uid
Value: 2696799641939506867
.quantserve.com/ Name: d
Value: EGoBCQHbKYEA
.quantserve.com/ Name: mc
Value: 64db191a-2cb8a-8cd4e-10f6b
.turn.com/ Name: uid
Value: 6931132044556535655
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-32dc504b-8510-48f7-b414-439fc78fdb71-003%22%7D
.casalemedia.com/ Name: CMID
Value: ZNsZGtZ7PwgcoKjQXiGMgwAA
.casalemedia.com/ Name: CMPS
Value: 3266
.casalemedia.com/ Name: CMPRO
Value: 3266
.tribalfusion.com/ Name: ANON_ID
Value: a2nt6ZaP3rT7CiAyPqEM6HuD20hkZcUowyCdbf1etGZbFZdcYJVmcpUGe55Wlg4c7kYCNhkadU96IS5xaBNqsastIYXq7kyv
t.adcell.com/ Name: ADCELLvpid10797
Value: 309583-46690-oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%23%23%23%23%40%40%40%401692080410
.awin1.com/ Name: awpv20044
Value: 412871|1692080410|c9acf3f0-3b33-11ee-8c55-226543793aa5
.awin1.com/ Name: awpv14702
Value: 412871|1692080410|c9adde51-3b33-11ee-8c55-226543793aa5
.awin1.com/ Name: AWSESS
Value: 365825:2531885
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTM0MDAwMDAwMDA2MTY5MjA4MDQxMXZsZWExZGUyMDIzMDgxNTA4MjAxMDg3OTA3MDkxODIxWDExNzcwM1YxMjI2MTMyNzAyTVN2aWV3b25laWRtVjJIZWZHZldaemdUbUhaSFp0enRKSnBDS1N3VGVaTUhiMWs1b25laWRfX3N1aXRlX05ldG1peF9SZWFjaDEyOF9XRUJHQUlOU01PU1RMWTExNzcwMw
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023081508201087907091821X117703V1226132702MSviewoneidmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117703&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTM0MDAwMDAwMDA2MTY5MjA4MDQxMXZsZWExZGUyMDIzMDgxNTA4MjAxMDg3OTA3MDkxODIxWDExNzcwM1YxMjI2MTMyNzAyT
.aralego.com/ Name: gdpr
Value: 1
.aralego.com/ Name: sspid
Value: f75bd7c1-d950-31ae-9a15-65a5a64d6e9c
www.restposten.de/ Name: AWSALBCORS
Value: hOTMUFaBFAvTmohAjl4BYyAlIZ0ayX6Pv87ZKpuze1ZDcK/iW/QAX0YLsHxr3N0DnhbgI/m3DqPw8Mp7taKfUK71qjAA9o4ZyO6LyuZ7AqWRrVOIoi9FziIe4MBx
pb.lihkg.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D4d691145-3f79-4e84-b7b5-25ddbfd12ba9-tuctbd49e9e

21 Console Messages

Source Level URL
Text
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://as.ad4m.at/ad/dr?ed=1jnca8ctc1mh5rhgj2nf3dg5yvqx0qydgqsdvg5ka4n4ywqygef0nx1dgzxqjacnv5ez8jvz7xemvsd6n7zq8tgahted2vnwjvwje4yh18qtgd3s60zygzspde5n1t58g4hjratney7pttmjdrxwmt3gfye3j5dwq7g9xdzfd4zp76cdtrxyxvnxezxmhxa09dd67dpkd468w684dfmgxmjvk5m4m7vghnae3t4qjm7kxf39r2ydm8yavpv545n65ymx5dbnfd9hr2vcck8pjatdh5yfdhnxc80kye8ydpaw435kqs878027zj4c4cbxw980nav5t4g7yqzf1bef5jcvg0ds1wtd318kr7h9t3vq39mgrf1pny47s5aafxvj9awq2xkjn5s287vem00d6t9mx34jynj64kaarcs53qf1jq7jet6evadhrzjbjw8jdcw7599691p0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%26client%3Dca-pub-1983042674979462%26adurl%3D
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/dr?ed=1htjqrwxw9k807gx34pt403mvj0znq5fxw3s06j20j0myq312s1wc23d6dpskreaefexn5bg7n4k9xf8dbem00c203q1de84y2rza5tg0yckahcczsesfaa74mmnz8bdwmedn1yg2vacfnm0p6vms8tche0rb1bykp4gjkvcy2xm6dy4422fjdvwg9c3a8hhnb968h5at0bjkj6hd73bav38j5h0d1vm91frcjwr9vbt6rcthj9ypz9peawfzj8md2vp8eattspg1eat34xwpvnwamd5q68wef96fhfph7es9x2wveks7a3mw4kyqnpqwzqahp9v2a69wzhmt2mmvxp18b1q3gtp1b8svtwdawpycp5m8q43pn23t0bavn54t56v2zn54vf428ktmse1dh7rtrc5jq04rw07rry1rn7m6was0z60q3754e7ech6rqn5aa3h6jwng&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%26client%3Dca-pub-1983042674979462%26adurl%3D
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/dr?ed=1jw12j2kg98x3tssb7dcjv6r45kx35yxehkn793cf7dxv691dtxp7gpacs9mxew8aemk6t5zrctd3h80cyew9x6r2skbtx9veyf6qmrh4kk5sjcxc0436kjcce0157jt3s5sdnc3hxtr7n4632gq1985vwzr1wq7e0n0tfkpz0ppwvygrb52jwkkach20dqb80djqy8b7xks29s7fn6shwpe66gta3xe3e0ny8chhrtb6v8b6448p4skagmjrh6b6qswnexbm2tgcsqe8ckz0j537q1fth7sbn07nd2x6jx7arhc7ec4b84cycrctyt9c4132d20wd9431pyt07agn2gdanmecs47pc9grswk5xxv873016kzet2pyffca4877hkdr2vqjhrphp87fn4y6p78zp4r717r1anpxtz1vzwr0ehc07zwmbz0f44mtfmk4n87zanqe20&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%26client%3Dca-pub-1983042674979462%26adurl%3D
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/rar?a=175059%2C22925%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfjGkcxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfwP3sVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=7d81e3ce49585635a6483b04b8953953%2F5092173492639382676&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g74t3dmf0w9v3shzwx6hfyjn7ajtw109j70qck4z4et03hb4x6s2wbnn8aw4nktc9aw5qkjq2gyn1sw9bbakh0p785qhed2sg99apbq6sneqvna6355fcpm9m4cqtj33ch66yp3e3vmbf3we1kd100r2jtxxy9c401bgbr0sbndd1drj84yncs7j6cc5m3tfc4xs6yy6twdfmxp6875r0r2k8xm0txvvj3m4phsq11qyqvk6kbzc8n80sfa7sfsvbfprzryxvhh64452bzz21vjmw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/rar?a=175059%2C192347%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CmV2HefGfWZzgTmHZHZtztJJpCKSwTeZMHb1k5%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C7YmUqfzfjXmrurHXHgtECVVef4S1TQPbCEZQx%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=5839870e34d254e5f21845ad7749c4f8%2F15423261383198278964&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410540&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3vd6acadt1v45qxa5fxx1p0wkmwap385e9x57e1ts7a414mtybwav5h3a2bj1at0gbj4zh6z3r36k9sjadza6nagvhp1014a38wjysd3m5wvk3cf96ag2ynxt238t35ey405kzdpq7kcbxf8nf4qgs7sdb14b6e17zc7x33k7hk6j4sfc0dde4jejj6gsdxbs5dx5mzshprk8t67fdz3h6d86da5brrpbfhvns2y0d2s36pndes6z4aw63ftm87h7hhywhae177yzsb6z834fv7c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClM5DGRnbZJbiHMXBo9kP9_upOJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAh5w21pFTrI-qAMByAMCqgTfAU_Q05LtXDemvwo9wcATsfkq0jRcbSEKiwJUzDv1qdQed5gsmSEmRrq5HIK3NySQ31yVyR8jJG3BZrProWRcdhvdqxhPSDEX209J0_6HKLBNstbHIhLx7rUUevrlhcpsMjvadF2HswBiuIZizMOwnEVgpB8S-QzS8qKAtPwqJAhvzpt31dilYTA28O1krJC6ipP7P7_4v-RkGp8csCTMO4C36b1uWkUeyRP5IpBZIT9nyalTSRbZEKPcq7yzFAEPT9T0TjWSBx26cwC2xWvuBNSREGsDTKX13_7qYyCPG-SABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0VrU1eSJkiR6GFB5tUhPMDxENCEQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=6a045a7050e1b74ba1d82576e31e9227%2F11710773295525951317&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692080410569&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5b3s7g4bkv9g2cgnj4wyapz86344fr6dj0t4ywgr1ttra0fj6xattsv4zsy0edjw2m61pdmcak89vw0vnzwtf5f13gyq20qk76kqbvx57jer5e6mn374pffs4kqsejxak0s8a06z6swcybyrnh65p23hhmk3065s64gyfejh1fm7w5r2ag4s0s3zmwg7vh95fgwef0y2v7v9q86zjp62s1c2j6bmrzfnmt12sbq7xj9gc8f6eqytf1khvbwzfx85gvyq250enjde5tpdhmw9ng6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC632dGRnbZM3LJayGn88Px7ORoAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJKgSnmX1yyPqgDAcgDAqoE3wFP0FGI4GsjKhFM23280oAnkHR7fDyvX8Y0kqaK1_J_8cPVvvdrSbpq0Q4ppGE-esyxNDZTbKMy0pgS4M6vC5dNauKVzDqGH5SONNJMltARSluF6ne2FOgA3tiX4cxp8nmUwA23fOZrj37yPuKZZiDe2oalMcKGCSIabNL0GHekOxv7RZZQMgklMWHs3oP5fmXA9ex8xwJzG_f9GV_WsY9FlYzEFuv4rQsC4GU2rswfWQ8ch891i53s2rSYoTkBSedoF--pkmg5y6f48-XZhD8YcpbrmrtTggaOQIed1yLLgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0H7iwkLdWAPGLDFy_m0tUn_5DAjQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
network error URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k1j5n5apdtykaw2e20mj0vvfeq2zq0540wj7d8bnndkeym2yy75h47vkdsxzj4vccqy93s8m5vg8ybh7077kmc09a03f4h4f9abqq8b6dcmbvq8jz9wqpmca8ggbwh46aax72w6v8xp2e6qk02528yf0bdx4tr1269x1ypf0nbp21mytbewk93vq4r3ff00webvz61p6vpwvx1zx4nnycb0305ny9s7vm8em7qh7sq6f45j42zhwcmj9q0ymqbpbjm0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g74t3dmf0w9v3shzwx6hfyjn7ajtw109j70qck4z4et03hb4x6s2wbnn8aw4nktc9aw5qkjq2gyn1sw9bbakh0p785qhed2sg99apbq6sneqvna6355fcpm9m4cqtj33ch66yp3e3vmbf3we1kd100r2jtxxy9c401bgbr0sbndd1drj84yncs7j6cc5m3tfc4xs6yy6twdfmxp6875r0r2k8xm0txvvj3m4phsq11qyqvk6kbzc8n80sfa7sfsvbfprzryxvhh64452bzz21vjmw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCoVGTGRnbZMDmJb_yvPIPn6eCsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQIimafJvEyyPqgDAcgDAqoE1wFP0KMPqou6xrzGiyBF5XVAIP_tHO3xtDJBkuFlGS3fTfze335L0r0m1VUz8nRSEltvEZLAJ6ZWJgm4hpLBaVLtUBpvYu0Ap2dxaSfG3RhtPYxprTsgM6FblfYLPseVRTT0W84JnBbqjnqoNy0alUtuuSfkezrYdkCl2Zqg4fGk1FvwkRAPr_iv8DazlT-rQoe2cZwQTIcwQ14sKhyPCLqUNb_WU78gyXIcmeI9w9dmqkR2d8Q_7XtXjqft23dKyEyWgoPtNmnkFrDXYy4qMQtqr547Fm6M-IAG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3pYSGuVl4Yqvk7D6-441Z6J2ibAg%252526client%25253Dca-pub-1983042674979462%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Message:
Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0169f848f7480f186aa9f6c78cb23d16.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad.sitemaji.com
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.yap.yahoo.com
adv.lihkg.com
am-trc-events.taboola.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
bid.g.doubleclick.net
c1.adform.net
cdn.jsdelivr.net
cdn.lihkg.com
cdn.taboola.com
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
cpm.bidmyqps.xyz
csi.gstatic.com
d.agkn.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
geo.yahoo.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.aralego.com
ib.adnxs.com
images.taboola.com
imasdk.googleapis.com
lihkg.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pb.lihkg.com
pixel.adsafeprotected.com
pm.w55c.net
prebid.ad.smaato.net
prod-rtb.ad4mat.net
r.turn.com
r3---sn-4g5edn6r.c.2mdn.net
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s.yimg.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.adsafeprotected.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.adcell.com
tpc.googlesyndication.com
track.webgains.com
trc.taboola.com
unified.adsafeprotected.com
www.awin1.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.restposten.de
www.telefonica-partner.de
x.bidswitch.net
gocm.c.appier.net
104.18.25.185
104.75.89.75
13.227.219.62
13.43.74.95
141.226.228.48
142.250.181.230
142.250.186.66
151.101.130.49
151.101.65.44
162.210.196.208
167.233.13.224
172.217.23.98
178.250.1.11
18.195.75.15
18.66.147.41
185.29.134.248
185.86.138.154
185.89.210.101
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
216.58.206.34
2600:1901:0:76b9::
2600:1f18:1aca:4281:e148:1293:6d53:b2b9
2600:9000:2304:3200:8:48e:53c0:93a1
2600:9000:25e8:7200:1b:5138:8a40:93a1
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700::6810:3965
2606:4700::6810:5814
2606:4700::6811:d5c1
2606:4700::6811:d6c1
2606:4700::6812:18ad
2607:f8b0:4023:1004::78
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1288:110:c204::b000
2a00:1288:80:807::1
2a00:1450:4001:800::2002
2a00:1450:4001:800::200a
2a00:1450:4001:802::2008
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:81c::2006
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:e::8
2a00:1450:400c:c0c::9a
2a02:2638:3::3
2a02:2638:3::c
2a02:cb40:200::242
2a02:fa8:8806:20::2040
3.120.29.172
3.124.181.128
3.127.92.109
35.186.215.140
35.186.253.211
37.157.6.254
46.228.174.117
51.89.9.251
52.208.107.103
52.209.126.138
52.56.87.167
63.32.81.34
74.125.71.156
77.245.57.72
84.200.5.215
85.114.159.93
87.248.100.137
92.123.148.9
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
047241f9b27a1c2fc22f3496fde1060687327d8945634fa100369a730ca9cb88
071d8fbbb33f94eb57114e22fd9bf77c10cd763dd94c6485d3521f89a5547cee
08db44d1b93268a2f3b72a2af31bcf207d87714f0f766792c49ed4ccdd2a0e80
09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bba98ad69528680c4ffb033d3308d94c6b621fb798b2107a048c8bd441a63a9
0bc094f48a8c491946e3754c6803139a8ff01593be9c9e84251d98654e95fef9
0d1cb4b0238ec323a99cb8f9f53371f65403f15d700d0b439c63e55dd500e9b1
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
13f8092344fdfa408598d877884fd5cbb8d0b15009a84edd1e63ab2a351d82b5
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
15db290c2c34b3bcce6e3051a2dff1c43819b7722d33cba1b0d793b23caa58d6
172d0e01dfabdf44d60ea049275cd330ff500b05736112fd69f4bcd25ceb2be8
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
194232aeba5b09569566b357606b6941d22480926aa76c53445e8fcdf2b9c527
1b1c49de182d613a0cdba7e6f329ce9f4616136aa902e576d637a97abd8c91bc
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d533fa3a32a5a67dc45519a85bc430007e3c68bde21d01c5e67c2c8b3d4d2cf
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e9e9483dc8972e01d5f55bbade4cb00f0ad629dc73e7cfd1224ed2496108cc6
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1ff6efb7285a05ad8b77cd00a5707fad4119f66513441f2dd307971049a66504
2039944be0e252c2d037fb29c2462909349fdaac58e41eda640346c96610db63
214d104b75275cb8776802bc1e79c67d8d1c21e39f014845d6d266d4a65b821d
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1
290f09cbc43aaa13de69f75f2f9977f5bc8826c77ce75bce064436b97a5c1a9b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
29e3d11931a3c08fd8f601d41b07cc5d2471ef6f830d447974cb22bb2e85f2d2
2a461002f77d83338ab9aafd8bfd8cb6275f8f6af2ea6a4f8c040d2aad2130f9
2b330ef6566bd886ea1ccff75d9dce4a861dd1ef2ea119dd381379f64781a8c5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ed2a584ee1368ea53d5ad19adcf8bd9aa9d260d1489a41f9ddcac11db82a4bb
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f3f5ab77023fa556dbdcb6551c9afde7c9ac733328d50d359e34ecefc66ac0d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
34a2285b821bfc7097678bd1ff47e8c5ba68180ba96ed4acef1edd8cbfadef92
34e241f1a6ebfdffcfcbfc288d5dc00ba2c7ee85d73cd9a6179b3337b6376872
3513954423d5cc0e06dd8a6d367f6cd0c4dcbf285c080d12cc1b2f476e52210d
38f00d6938a8f2a9b7e0d6d8005a5b6be5cb0b1c5c51822119118d95ccd73879
391c0c693d9b148ff971e70c20aa43085a97025df7da49c502b6b1cc0110a884
3aaebb44fa7aff9f07c039c9678ca52b7a5277c15af947834950663fa31b5da5
3bb98dc0c0ce84945810a1e1b2d2ccee86cf390c06f9b986e32b63a7de470ccf
3d3e37bf59e7d193b7c0699c5b338ba747737bc513f209e5447b6274fad653bb
3e62d800f51c34294bd38d3b89b5dbe5bd39f55c8efaed49bb0f88002142a470
406a343022f9fa770b7785a66f0c2c49fadb7c350d3f12abd13eee4fca905ed8
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
4185841d877331f802e06d23de2a3797b7cb639bf58c40e59ced4ef7f93ef2dc
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74
444f926718417377433a873cbecd5570f937a6d096c0e55b8d16865eaba16619
4678201b0274f75c6f34a6810d09fe2e90eb9cd736c0cfd7487f1d7974569c4b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
474ff5b21c224b89de971029f5ff8a7876bd4635b224fd6ccfc34f78d0996264
4769e4ee7cdd059d1a5f8488c96c84aea498bcc25b9b520f5a14280f14a1b027
48073142a3807a297196002da3edf6ac1e2df6ffaebdb11135c15f372a58cd70
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4911d1cc42e734d7ff839ebecc749804c1fb675f2bd496074c87c32429e17b3e
4b1a46106fd1a1ddf039f102e746861c90f6da3b4065aa901362503654335467
4d5fd9780c0a531990c400ee663173446c55d9e7cbdd3ccb81385b52801a5b7b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e95b93d794de341ceb2c728adf7382715deef5d230b18c2f75f8ece0ed2871f
4fb66cda8a7f6b544f761bba57abfdadd810eece869cc49f5c4fdb97eda7271c
500c4e68f14c286487627cec4c9533b486c8a7a941e9c3e243f234ad19f7a034
504a6d07af6da73a36b08e1874b90b5a25bef74c4fb662f6f6a0a202006d65d6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d2e7e97df5334b33b98523847b7d2d8db895fd256ca3459ecc543cc15e6e67
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55fc10baa9c6fa8d98acac31beba1be0e8f688344f243dea838b5b03e8566a3c
572139a5df5da2e25a8f38b7fb68c160b9842d7c183494eb385468cc1ce3f741
5ac477d8785a4c9ef373969dd3f047e310bfb60d77bc518593795177bd131227
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5e751932f6f3cfd2c530e97d3df2c5b547aa2b563085db6b8f4d847cd619cbee
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e08db01b910e7d8b37a2ee7353e438f1f9a1595e66e3c8c53e79f802bc51e1a
6e54761a0a696cdd20582c0538cb9d794628eda277c9913b68aafd12ea72fb21
6e55c8893419a1bffacc72ceede20525c0479dc2fa9a8b9d7871498a5dfa0b01
726caa23f6d0c48bf34867d3076f7b69d0b69ba0c7a5e3dd6ec7339a3192047c
7293d779f2ea16e6cf92e5b6b59a926ce160dbe2a60f995e471fe4295aba4864
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e
7c09b126e5ab2b4c8c361f683fa988557df8f5b22808894b089aca178c2f926e
7f3e61802eb3f91d0f2613e9d31c685fe0b3e5cc232074bbf707fea72b6ee947
80049bc10543e0e2fe1fc1b66570855de11c11da2023d5a914c57330d0188ff1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846ab283855ddafc646f26a469d6c6c1b5a1f59f5d90ca195001e6a9ba943a43
8543eee7ce49564643fa813ae7f87accf93f9a845c8c14aa0eb75c93ec0174bb
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
88c4ce8d34a9daa60952a5e3c77f6a430e87ef15ad67d03105131dcdeb04131d
898107a317921f1fe8f4784c2a5f9032dba634f89a2c5a31bdaa253206f19eff
8f03b94344821d98d8d849415345f53de7c9eb39fe0e5b4862eb1067332d7d79
8f13d6ca962d08b188c15b5f7e9c6c299f403491b8177670a70ceb978575d7c9
904a56dd8ea11f7ff3aee2ccb4200f2a6ff362ff646eca70b2a973dbfeec9821
90bf98fcb97087cbfd08622a492db2381c35d3cda40c63821fde6f8160acb6ea
9147eaf3803b91c546847ca562415276065ea2ea761f1c42c0aa4b7ca555511d
93877fb41c311f4d325de99f371c6640e389236f529bdef4761045706de75736
94a93caa514072567df7855b7eb0bfb2a823c5a75793cdd5f44d1c7527c90bf1
94e2294df57e775b3da8a4dfeaf427c81efa2a05f808229fcdd4f12646d8a2c7
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2071a6dd4e4dc556c647ef2614dca9d7bb5c5aa37cf13e5c23bfb0dc468e849
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a2ca984784ebbdb2fe7f2f5a62c85ee5067ea5116cc1b8a8f4a30f1c202ae7c6
a40bc7c42a924ebfb7c0bc286872aca8d62d090c27977c8f216306a521369828
a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3
ad000b54cf104b080eaf6ad565a3da7322a1a25ac98fe818dce338be0300ca07
ae9c22f7556512d13795b204b4bd6c4243326dd20e9afb418ba3b79677dc8f3b
b0a8d38638d8522c8e1c4e7cbe1127b9142b3c19947ab81831c399814ecc9759
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4268bfeca5bde7a2f43712c2cc4f7d5060593d6cc3c01c7fa8c2737aff17a6e
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
b744be45bcaadfc158afec0bdcebce3e96f6ac655f4f6b2e5dbc72bf043ec9dd
b79061721d5bff6017244edfae8d759856428814d3e0a5c96ddf81c62fc1a778
b8b8b427b806633af3c3f3cc4f87c122389f8c3e40505c403a7cf411b8d0a477
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bb102dd118baa664f3e341180820bf8daaf721a447a37b765d161fc54becf112
bb4d609b5c3a5aec790f8937ce65e69f35303ddbe39cf3588af7bed8ed2a437e
bf04a9f13a9c040ad2a4f916303855403c3e93d7d1022066404b9324360b3d1b
c03e3b2943f699bc681b4449f737e96566128d62402914d631a6930bfc55106d
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb19fdd06855efd51742e0080757c085793fd07b0753262b3bae14b960275cb5
ce6f654d6740a537e011c15234f572c461ec28d6c078e7485c964f429cf8c8c9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d18956c21464cd32c3ce93f61bbb47b3e24d58ca2680702c7c84a37cdbacc54e
d3be6e4d08cda1d9f7bcf4ddce4628247d2d63939637e384a1974ae174478174
d531ee353b2e628d0735cacda425a3000ab2da5481ea441980a576896e6bd427
d7e1d11e09ae5619685a66e50267d80bc6b716e2a3d9377b922ead3c32cba527
d86b86af74b80156cdddf0e9334dd1c868838e36e4e55537ea3d67cca50f51ad
d8b009a457899d38051b66550fef78790dc412c6ee13553f4f00f49a03eb8bbb
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dc23ad240914cb58e6f6aed5c1110cdc54d7b903255d03bda85017e43e29d195
dd41eb9b9b3e36b7f9c245094fd0565f7c3ed4d12996cd03321d4712ff65f4a3
de3d83084cff9f7e72a946c33ae28632067e4010f71774b7ca2e085a57d64ca6
deb23b71b7aebe4ff504f8df4215ba417469dc6b8cf40f8755f1ad9657f5d43e
e38ae9d60b373286265d6eea723e68caa6f2fa19227bebccf02dee53b65bef72
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eb576e03eb610d3af28916b86aa93125748dd242d8449878ac22c61fe7dd9f4c
ebda714b0960b486684f8e18052d2eb1a7afb14dd5d1d87ebf705c1c4af06eb2
edb3388b1e98ed93b6c225da2643cff004fb7bc8c2f5ca8d0caea7502ace3eb8
ee5d413bfe307fddfdfd40f37561f408cd5bcecf5990d9a0fd289bf431fb316d
eed7205ad716241cda949a47c532964e6b5f06134979dcb03da64408c0a6b778
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff08ea1c026782b219ae2d21e0f828037b54dd3783a034dafc4edecf532c5e2
f0eba1ebb00bb4e5cc0aea5108a2071bbe7678b206d38fa16298121b2394fb7b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f7ee304674e633ce582775e35025dc9cd85f47486a4e9d398330b2bdcfa41915
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
fe9e0ffaf83ecb2aad753fa013a4730d032a66ded5fb55eada9a2751e2fd43fb