orientaldaily.on.cc Open in urlscan Pro
104.16.170.108 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%9...
Effective URL:
https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%9...
Submission: On June 30 via api (June 30th 2022, 9:19:39 am UTC) from SG — Scanned from DE

Summary HTTP 381 Redirects Links 66 Behaviour Indicators

Summary

This website contacted 43 IPs in 10 countries across 34 domains to perform 381 HTTP transactions. The main IP is 104.16.170.108, located in and belongs to CLOUDFLARENET, US. The main domain is orientaldaily.on.cc. The Cisco Umbrella rank of the primary domain is 152416.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2022. Valid for: a year.

This is the only time orientaldaily.on.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
157	104.16.170.108 104.16.170.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	178.250.0.166 178.250.0.166	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
33	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
17	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
3	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
4	119.63.193.220 119.63.193.220	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.35.229.56 23.35.229.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.32.121.72 13.32.121.72	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
6	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.169.108 104.16.169.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	119.63.198.189 119.63.198.189	38627 (BAIDUJP B...) (BAIDUJP Baidu)
7	119.63.198.143 119.63.198.143	38627 (BAIDUJP B...) (BAIDUJP Baidu)
16	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
8 24	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
4 8	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	185.33.220.100 185.33.220.100	29990 (ASN-APPNEX) (ASN-APPNEX)
35	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	18.196.115.149 18.196.115.149	16509 (AMAZON-02) (AMAZON-02)
2 2	35.157.96.249 35.157.96.249	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
6	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1 1	3.122.145.17 3.122.145.17	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	54.175.38.235 54.175.38.235	14618 (AMAZON-AES) (AMAZON-AES)
3	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	119.63.197.136 119.63.197.136	38627 (BAIDUJP B...) (BAIDUJP Baidu)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	54.246.237.93 54.246.237.93	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223f:3c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
381	43

157 104.16.170.108 (None, )

ASN13335 (CLOUDFLARENET, US)

orientaldaily.on.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hk.on.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
on.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
home.on.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4.on.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad6.on.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.166 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtax.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.169.108 (None, )

ASN13335 (CLOUDFLARENET, US)

hk.on.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

hk.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.184.194 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.18.126 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.220.100 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Sankt Georgen im Schwarzwald, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.196.115.149 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-115-149.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.96.249 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-96-249.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.142 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:c5a4:625:6563:a5bb (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.145.17 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-145-17.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.38.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-38-235.compute-1.amazonaws.com

in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.197.136 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

inrecsys.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.237.93 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-237-93.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:3c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
158	on.cc orientaldaily.on.cc — Cisco Umbrella Rank: 152416 hk.on.cc — Cisco Umbrella Rank: 96255 on.cc — Cisco Umbrella Rank: 54280 home.on.cc — Cisco Umbrella Rank: 226004 ad4.on.cc — Cisco Umbrella Rank: 239516 ad6.on.cc — Cisco Umbrella Rank: 185427	2 MB
57	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 119 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287	441 KB
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	531 KB
35	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	508 KB
16	popin.cc api.popin.cc — Cisco Umbrella Rank: 20157 hk.popin.cc — Cisco Umbrella Rank: 250540 log.popin.cc — Cisco Umbrella Rank: 21129 r.popin.cc — Cisco Umbrella Rank: 22605 inrecsys.popin.cc — Cisco Umbrella Rank: 24171	122 KB
13	google.com www.google.com — Cisco Umbrella Rank: 8 adservice.google.com — Cisco Umbrella Rank: 92	54 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 771 static.adsafeprotected.com — Cisco Umbrella Rank: 562 dt.adsafeprotected.com — Cisco Umbrella Rank: 481	96 KB
9	google.de adservice.google.de — Cisco Umbrella Rank: 7751	2 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576	7 KB
8	gstatic.com csi.gstatic.com fonts.gstatic.com	26 KB
7	teads.tv a.teads.tv — Cisco Umbrella Rank: 1237 t.teads.tv — Cisco Umbrella Rank: 2210 sync.teads.tv — Cisco Umbrella Rank: 938	133 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	5 KB
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 1589 us-u.openx.net — Cisco Umbrella Rank: 387	771 B
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	127 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1107	796 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 410	955 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 336	920 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 583	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4852	647 B
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2887	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 134	2 KB
1	treasuredata.com in.treasuredata.com — Cisco Umbrella Rank: 3986	559 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	1 KB
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 629	166 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 635	98 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 557	757 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1653	583 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 612	536 B
1	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 4115	8 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	413 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	6 KB
1	criteo.com rtax.criteo.com — Cisco Umbrella Rank: 24046	84 B
381	34

	Domain	Requested by
63	orientaldaily.on.cc	orientaldaily.on.cc
46	on.cc	orientaldaily.on.cc on.cc
35	s0.2mdn.net	orientaldaily.on.cc s0.2mdn.net
33	pagead2.googlesyndication.com	orientaldaily.on.cc ad4.on.cc pagead2.googlesyndication.com 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com cdnjs.cloudflare.com s0.2mdn.net securepubads.g.doubleclick.net
30	hk.on.cc	orientaldaily.on.cc on.cc
24	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com
16	tpc.googlesyndication.com	167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net
16	securepubads.g.doubleclick.net	ad4.on.cc securepubads.g.doubleclick.net googleads.g.doubleclick.net 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com s0.2mdn.net
16	ad4.on.cc	orientaldaily.on.cc ad4.on.cc cdnjs.cloudflare.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com orientaldaily.on.cc googleads.g.doubleclick.net
9	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
9	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
7	dt.adsafeprotected.com	googleads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	log.popin.cc	orientaldaily.on.cc
6	googleads4.g.doubleclick.net	orientaldaily.on.cc
6	csi.gstatic.com	securepubads.g.doubleclick.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	api.popin.cc	orientaldaily.on.cc api.popin.cc
4	www.google.com	orientaldaily.on.cc googleads.g.doubleclick.net tpc.googlesyndication.com
3	r.popin.cc	orientaldaily.on.cc
3	x.bidswitch.net	3 redirects
3	www.googletagservices.com	167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com googleads.g.doubleclick.net
3	a.teads.tv	ad4.on.cc a.teads.tv
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects orientaldaily.on.cc
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	eb2.3lift.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	a.sportradarserving.com	2 redirects
2	www.google-analytics.com	on.cc www.google-analytics.com
2	sb.scorecardresearch.com	on.cc orientaldaily.on.cc
2	t.teads.tv	orientaldaily.on.cc
2	167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	home.on.cc	orientaldaily.on.cc
1	inrecsys.popin.cc	orientaldaily.on.cc
1	in.treasuredata.com	api.popin.cc
1	fonts.googleapis.com	s0.2mdn.net
1	ssum-sec.casalemedia.com	1 redirects
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	id.rlcdn.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	hk.popin.cc	api.popin.cc
1	netdna.bootstrapcdn.com	orientaldaily.on.cc
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ad6.on.cc	orientaldaily.on.cc
1	cdnjs.cloudflare.com	ad4.on.cc
1	rtax.criteo.com	orientaldaily.on.cc
381	57

This site contains links to these domains. Also see Links.

Domain
epaper.on.cc
hk.on.cc
racing.on.cc
football.on.cc
money18.on.cc
www.facebook.com
traffic.popin.cc
trace.popin.cc
www.webforall.gov.hk
ad.on.cc
oeh.on.cc
member.on.cc
on.cc
tv.on.cc
p18.on.cc
orientalfa.on.cc
classified.on.cc
home.on.cc

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-10` - `2023-06-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.popin.cc DigiCert Secure Site Pro CN CA G3	`2021-10-22` - `2022-10-22`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.treasuredata.com Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-18` - `2023-06-18`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Frame ID: 5B9C92D4E41003FFD97A4E354E76D594
Requests: 227 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/zrt_lookup.html
Frame ID: 4EDB4F10FCA153C9557D55906B3B4307
Requests: 1 HTTP requests in this frame

Frame: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9B93C6426593AF53A520C83C4A85199E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&adk=1812271804&adf=3025194257&lmt=1656580770&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580770667&bpp=3&bdt=4234&idt=233&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1eb916856b026e57%3AT%3D1656580769%3AS%3DALNI_MZFHAHy4KvX4pXnahAxZK-0FK5pFw&nras=1&correlator=602963358455&rume=1&frm=20&pv=2&ga_vid=965798538.1656580769&ga_sid=1656580769&ga_hid=15067015&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&pvsid=203634787387024&tmod=726087036&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=250
Frame ID: 1AF3A6AFA26E918FE024CA1B78BA4938
Requests: 1 HTTP requests in this frame

Frame: https://orientaldaily.on.cc/js/v3/iframe_ysm_utf8.html?device=desktop&section=finance&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE
Frame ID: D68A563F2034EE3A693109C3068836C4
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=90&slotname=4687187148&adk=190292511&adf=2300459119&pi=t.ma~as.4687187148&w=728&lmt=1656580771&psa=0&format=728x90&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580771493&bpp=2&bdt=5060&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1eb916856b026e57%3AT%3D1656580769%3AS%3DALNI_MZFHAHy4KvX4pXnahAxZK-0FK5pFw&prev_fmts=0x0&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&pvsid=203634787387024&tmod=726087036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&fsb=1&xpc=Oqgf4LTKww&p=https%3A//orientaldaily.on.cc&dtd=11
Frame ID: FC0A61993F3F6B6CF52D2F709B131DAE
Requests: 17 HTTP requests in this frame

Frame: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D2510063A95F81C7CF9018DFB63A2C69
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNVWgDnTu3anM0HL8wTL7S2LpjKYGybFNqEZAxGzmcKVw5Or6hxtaKpxYFR4YLKRmQWC-_EQRpTM7kIw7RsA61RbLDcbOUxInPm4KGdwztqhfUzufKjQFZebykE4tzkrs6rNqgEA7pE1CqAu-OCD03jkNyS6ys7OaH6A5i9gSnE1i2uL_qI
Frame ID: BE567DD8C8F850649A4D013DBA7A7FFF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGLGA07UBMAE&v=APEucNVa6YqCAkQ54oaWZuw0aVE-Ot62HXmCR-NoZLmcG2kIc4az6o-w7jqvKax2K0GfcpChY5pcBqLcAv-2ILKOD2UG-cRMdKhl7yZ5_LpTRsXx0vheWM-ZZSRWZJbnjXnMSVd3J2AhCBB4fIi-rv5MQyRY0pSwTi4byqRgVV5JpKGxkETbhnA
Frame ID: 0F9E66EBF307CFCA3FA03BB56FC67DCD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0967E9E5F03774AC7DD7F7ACED710879
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
Frame ID: B3061606045C038AB89AD9C3ED1D9DD9
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A09C24679FC9DF00E2CF4935C40A7CB4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 708ACD3A3382047D3D363B693A9D2506
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 67F7224BED7CCF9EDE44385C5EA05AC2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html
Frame ID: B9C27450D09222AAB84DBDFC9EB8931D
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3565501396&adf=356650500&pi=t.ma~as.6393984442&w=300&lmt=1656580773&psa=1&format=300x250&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580773656&bpp=2&bdt=7223&idt=2&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a6045127e940fb5%3AT%3D1656580769%3AS%3DALNI_MaKWkbLjd2cIdIMRVa0hUrCpoR9Gg&prev_fmts=0x0%2C728x90&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&psts=AGkb-H-E8KtuX9tnYDO0dEIVXKYMs8MpeiKpZ9Cg816LMBGbJHt5MLIotrhsddlLZYLOGbUUue4aiNoZwrwXkPMq&pvsid=203634787387024&tmod=1126593315&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=OZul6jj5kC&p=https%3A//orientaldaily.on.cc&dtd=12
Frame ID: 8D8629BF25DA58A8D3883D73FFA10971
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYu8ejzAEwAQ&v=APEucNVHwAQ5ujHrLdjBtN8Vnmaztupiy-VED3jDsjxAlCO-LhuXSn_hs4AkfCl-T23-Y4JrOcbItVP9pGyZTG1nV5VuTvEJY92LKbJp6upertGg0P3qR1H45XH82I-9haqLzxRaWaMtQJ21sI8X5Kg5GGPYHekviuFfgU7dpQOfov7XgOqa_S0
Frame ID: A32CA2CF0EA42CDC33FAA8D9639A7145
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 565796F919F9D5A1B75F0F894F504650
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18323139811780221838/index.html?e=69&leftOffset=0&topOffset=0&c=GxSKnmnSrd&t=1&renderingType=2&ev=01_247
Frame ID: 67EE0BB85826C7E70CCFE16F6CEB38D2
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 72659EFA8BDED5DC3FFD33F80C980482
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 130AF5430AC80C1BD785BE998756DBB5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Frame ID: 8757A18CFA48A625F2FDEC369328D10E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C4BE719D42FF20B7C3A84ED1813694B7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 28B5D85FFC80D1C55E4A2C7781E8F9DB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

渣打擬再整合印度貸款 - 東方日報

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

381
Requests

94 %
HTTPS

35 %
IPv6

34
Domains

57
Subdomains

43
IPs

10
Countries

4161 kB
Transfer

9084 kB
Size

41
Cookies

66 Outgoing links

These are links going to different origins than the main page.

URL: https://epaper.on.cc/odn/
Title: 電子報

Search URL Search Domain Scan URL

URL: https://hk.on.cc/
Title: 即時新聞

Search URL Search Domain Scan URL

URL: https://hk.on.cc/ireport/index.html

Search URL Search Domain Scan URL

URL: https://racing.on.cc/
Title: 馬經

Search URL Search Domain Scan URL

URL: https://football.on.cc/
Title: 波經

Search URL Search Domain Scan URL

URL: https://money18.on.cc/info/hk/liveinfo_quote_02888.html
Title: 02888

Search URL Search Domain Scan URL

URL: https://www.facebook.com/money18
Title: 「東網Money18」fb專頁：有討論、有分析，齊來FUN享，贏盡●你Like

Search URL Search Domain Scan URL

URL: https://money18.on.cc/info/liveinfo_idx.html
Title: 即時港股指數資訊

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_002%2F%25E7%25A9%2586%25E8%25BF%25AA%25E4%25BC%25B0%25E6%25A8%2593%25E5%2583%25B9%25E4%25BB%258A%25E5%25B9%25B4%25E6%258C%25AB7-

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220416-0416_00202_032%2F%25E8%25B2%25B7%25E5%2585%25A7%25E9%258A%2580%25E6%2594%25B6%25E6%2581%25AF%25E9%25A6%2596%25E9%2581%25B8%25E4%25B8%25AD%25E8%25A1%258C-%25E5%259B%259E%25E5%25A0%25B18-7%25E5%258E%2598

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=X9Zq7gJBvuuO_3VtOkyaGGSv_xEjFrrT3jvjxtCTRng&evt=102&rid=3e6e8658-b27d-48ca-87d4-3797106f6eb8&campaignid=1311437&impid=popin-orientaldaily.on.cc_hk-1&offerid=20608493&test=0&time=1656580772&cp=U69TiJLdt2xnhOg8EhcIzpSzQ-PYVvrN0AGaMBOT3E4&clickid=45_3e6e8658-b27d-48ca-87d4-3797106f6eb8_popin-orientaldaily.on.cc_hk-1&acid=19738&trackingid=7fdcefa0fadc5e5740d5f1247541443c&uid=1f5565d8d7c218455701656580771734&jt=2&url=7PZNtRH28PuqybFa1105306HS6cTXm-rwNvO7aE9XP9SM9lyfIEqFDBcjM7-kzD_UfmrM6hciDiquK6w7OUGii6BTuhbjzdoOC2q2t3jt9LLtaCBXBDl-r4X4_rkTer8g1CwHNbIKyAnar7sE4yzSN3Rxo59S1_I2-TiP2QFwnJO0nG6sWMRAcLijhwC6I0Ir2YY1ghrQFMEG74hS-vOfSFSUbigvUacMdwBpnXKZffY80JUUwyXu92S_PfjSOd_69yarTjC_MNoWsayKNO_cryLsKzrC-dd8DWJ72evmVZJfBa69bqGKB3YAIu3B5JaeaAjmuVRvTUCnVSAtwSSrEN9sfwiCMXGSO82vM6Gc2jgWsb8gsqN1e3F87x0o_HtgAwgFv9uUk58LM0wJwBXOpwUH-tldIjZkQiQT-s5JAOe2MCgG-dcULulAemoHazY1USH0CU5o-LeCcpCnzFQtOsPHTiFnSoMKBWee3ySjcwiKml83iTCcmNcerarcWcrzTN8EWt1X99vxT258rDjeGPCTYRnW1DvbbIRs1VF7qCX4VNmgvUZ1evx9DWtllQossa9eDWTCdt1xIXy3Q-msHzCFygIz7uFo8KXUvX2DfQ&bm=2&la=de&cn=hk&cid=3820190&info=ZLjdVTc6zewUTmxVfkESIJhd-PiCt1Wm_EP26l2S-Bw&sid=49__24__12__1__83&sp=X9Zq7gJBvuuO_3VtOkyaGGSv_xEjFrrT3jvjxtCTRng&scp=pGZu3cbgKoDp4_W9-zJhx6Jr2o5-ZwCtT1EKaSwBUtY&acu=TWD&scu=USD&sgcp=U69TiJLdt2xnhOg8EhcIzpSzQ-PYVvrN0AGaMBOT3E4&gprice=X9Zq7gJBvuuO_3VtOkyaGGSv_xEjFrrT3jvjxtCTRng&gcp=pGZu3cbgKoDp4_W9-zJhx6Jr2o5-ZwCtT1EKaSwBUtY&ah=hk.popin.cc&pb=m&de=orientaldaily.on.cc_hk&cat=business&iv=1&uidct=1656580771734&uu=1f5565d8d7c218455701656580771734&tst=1656580773061&ppvs=6&tss=5&aps=1&rp=5&fs=3&bs=3333&caid=standard_pc_4x2

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220627-0627_00202_025%2F%25E5%258F%258B%25E9%2582%25A6%25EF%25BC%259A%25E5%2585%25A7%25E5%259C%25B0%25E6%25A5%25AD%25E5%258B%2599%25E9%2580%2590%25E6%25AD%25A5%25E5%25BE%25A9%25E7%2594%25A6

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_034%2FiPhone-5G%25E6%2599%25B6%25E7%2589%2587%25E7%25A0%2594%25E7%2599%25BC%25E6%2588%2596%25E9%2581%2587%25E9%2598%25BB-%25E6%259A%25AB%25E9%25A0%2588%25E9%259D%25A0%25E9%25AB%2598%25E9%2580%259A

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20211124-1124_00202_045%2F%25E8%2587%25B4%25E5%25AF%258C%25E6%2599%25BA%25E5%25BA%25AB%25EF%25BC%259A%25E4%25B9%259D%25E9%2581%258B%25E5%258F%2597%25E6%2583%25A0%25E7%2594%25A2%25E6%25A5%25AD%25E9%2580%2590%25E5%2580%258B%25E6%258D%2589

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_021%2F%25E5%25A4%25A9%25E9%25BD%258A%25E9%258B%25B0%25E6%25A5%25AD%25E7%258D%25B27%25E5%25A4%25A7%25E6%2588%25B6%25E6%2592%2590%25E5%25A0%25B4

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=nuMQgFB6Bt7GE10PpPd3uyJqmHHxsjl8ZGkPZRyBB7k&evt=102&rid=3e6e8658-b27d-48ca-87d4-3797106f6eb8&campaignid=1083453&impid=popin-orientaldaily.on.cc_hk-1&offerid=15426859&test=0&time=1656580772&cp=Yft8XSg7cutaDDGcAdMtCtxLv_HsGaPwuEaW-qxReTc&clickid=45_3e6e8658-b27d-48ca-87d4-3797106f6eb8_popin-orientaldaily.on.cc_hk-1&acid=1048&trackingid=f036acb2d28370b3e72f529591e4ff55&uid=1f5565d8d7c218455701656580771734&jt=2&url=rlRx8rf3WQzZIKezTUo-ORLe6Z4P8VMurbLwt5CUQMdvAqRztGNU07Qdx4nuQntQ3llB7_EHvMNMf-hAWp23N_iyHoRHk45VYEqg_Wi63NGmpPl189YyKZu1s1iDE1jWlUv63BGGFAUlz544v6KbK8ESbKDcQVJqqsi58spck3AYRh6-Z6_FuBJw1q-X-pCQL0Pk87Ry2s3sL0d-C7XooH-wgEbxemLmXgUoKR7nQYVAha8nlcuen2OXT_J8bIMjBgFxavXS8MhAzHF56LpxTg8kjGOYotowNind-ptSEccgjR8RklSLsGS34I6E6aM72UdhvLeceMtmvUHOxbg4wU7n_IdNZP89QDlpNwB0ktohOQVjhyw8WzPwPtmYHMoypuXBzVt4SPx99JtARfbpQLPbXiLcElL1I12j8JPY_v8INJPvpzSFeCviCJFSBHabSwQu_oqcV4QT77d2lgVwd9Kd7TT2_I2j7S2a8VOddbRqvq8fy18U-7PZqf_QPHbMSN0Nt8IVih9Y_03fYAD2lmPr-xfw5JXdwDfFS8C0uWQ&bm=2&la=de&cn=hk&cid=3546958&info=tFVBS-1nycLWcdRClJ1XuzGnIFqX-afA1ymTgn2JXXM&sid=49__24__12__1__83&sp=nuMQgFB6Bt7GE10PpPd3uyJqmHHxsjl8ZGkPZRyBB7k&scp=dFnfMv_XklPM8hPdoS8Q8-EZiRd_bCaxbSY3a2sxVuY&acu=HKD&scu=USD&sgcp=Yft8XSg7cutaDDGcAdMtCtxLv_HsGaPwuEaW-qxReTc&gprice=nuMQgFB6Bt7GE10PpPd3uyJqmHHxsjl8ZGkPZRyBB7k&gcp=dFnfMv_XklPM8hPdoS8Q8-EZiRd_bCaxbSY3a2sxVuY&ah=hk.popin.cc&pb=m&de=orientaldaily.on.cc_hk&cat=business&iv=1&uidct=1656580771734&uu=1f5565d8d7c218455701656580771734&tst=1656580773065&ppvs=6&tss=5&aps=2&rp=10&fs=3&bs=3333&caid=standard_pc_4x2

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=d9XNKwlkh_g-oWd0X9YCngRwHl44XpJPhR-3dCOTn3s&evt=102&rid=3e6e8658-b27d-48ca-87d4-3797106f6eb8&campaignid=1090509&impid=popin-orientaldaily.on.cc_hk-1&offerid=13887340&test=0&time=1656580772&cp=jdG6UMoUJ0YlcDaHS4NdBqK5OjqPmtcZkW2lC1t0qDY&clickid=45_3e6e8658-b27d-48ca-87d4-3797106f6eb8_popin-orientaldaily.on.cc_hk-1&acid=1048&trackingid=8e926ab526ac54490d77cce2203e27e8&uid=1f5565d8d7c218455701656580771734&jt=2&url=TaWOx2upGTpineDD3fj2esaPBMcjh_owr_k2WKw88OLizvIShl6SF10GIhdqmDjUbktsdn_h0m3ATIUL8trNPi-CezIkTQnsLuAlH7RlquR8UspwUwgtWxf5WTw85mabNDlKz-iKZ5SN-fQ3JiB_oSBRkPyInHrizIin8GZ2lj_xfd_WAu-s5pICqXu86nYh20JZd37jZVg8CJ0g7BUC_20LeO50kHhLm07_Afg0fQpjE_w4AEQEcHEzq1DKTTCuDZcsB9qgDgDb0lPc_6Y3qSUugkNQSUuk321YxDmiu6DdGSoy8ah6dlTJuTXtpruCF1KA6VUS62kJufSHSbf2g_Ra1wKg2rPz0fnnQgiNTBEwRdhg5X637o_OwreYKZRMwWWxxbbg3A_XaiwI8xC9W9nkqScw-Hm50Utmgca3GDlxGhwFWZW2iglsm1ryWs41AsCwnyacEkEKkCr8Ew19vnEHTjnwrubIm3v4lar92IdSa-rtXgxqcc1pbP8tXPzdWJy2qmT4dJ3oT8Zr3If2lp-W8dKa5rkB1OR8yu8vaXIU_9C8RiAEXyHav0F5FI9UJMa8TxTzt-bLoZDM-_Habw&bm=2&la=de&cn=hk&cid=3464493&info=byXMgLKy6PFMRWvcDBRFv4Hiy16hxufaWWTMsVFZqes&sid=49__24__12__1__83&sp=d9XNKwlkh_g-oWd0X9YCngRwHl44XpJPhR-3dCOTn3s&scp=I2-CglrYtSLFjFNeCgLhMOljK8s71ke1AckC6AIJEsw&acu=HKD&scu=USD&sgcp=SKmk59AY_6efTrZGA18MAErVySRD5gBoguFrpKl99T4&gprice=d9XNKwlkh_g-oWd0X9YCngRwHl44XpJPhR-3dCOTn3s&gcp=I2-CglrYtSLFjFNeCgLhMOljK8s71ke1AckC6AIJEsw&ah=hk.popin.cc&pb=m&de=orientaldaily.on.cc_hk&cat=business&iv=1&uidct=1656580771734&uu=1f5565d8d7c218455701656580771734&tst=1656580773066&ppvs=6&tss=5&aps=3&rp=11&fs=3&bs=3333&caid=standard_pc_4x2

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220629-0629_00202_044%2F%25E5%2585%25A7%25E5%259C%25B0%25E4%25BA%25BA%25E8%25A2%25AB%25E7%25A6%2581%25E5%259C%25A8%25E6%25B8%25AF%25E5%258F%2583%25E8%2588%2587%25E6%25BB%25AC%25E6%25B7%25B1%25E8%2582%25A1%25E9%2580%259A

Search URL Search Domain Scan URL

URL: https://money18.on.cc/

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630115801289-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630142124688-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630151705577-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630160800461-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630124400486-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630162008408-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630092056453-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630095137284-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630113536557-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220629/bkn-20220629212946651-0629_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630091918911-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630161151328-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220629/bkn-20220629193345971-0629_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220629/bkn-20220629204536636-0629_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220629/bkn-20220629165639908-0629_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630161546102-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220629/bkn-20220629230655686-0629_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630120658398-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630144018172-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630113947929-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630120902931-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630104206813-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220629/bkn-20220629000514619-0629_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630111514399-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630162031461-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630144023455-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220628/bkn-20220628221546974-0628_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630132540468-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630142847016-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630154313212-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: http://www.webforall.gov.hk/tc/recognition_scheme

Search URL Search Domain Scan URL

URL: https://ad.on.cc/
Title: 廣告價目

Search URL Search Domain Scan URL

URL: https://oeh.on.cc/tc/contactus.html
Title: 聯絡查詢

Search URL Search Domain Scan URL

URL: https://member.on.cc/
Title: 會員通訊

Search URL Search Domain Scan URL

URL: https://oeh.on.cc/tc/copyright_crindex.html
Title: 版權收費

Search URL Search Domain Scan URL

URL: https://oeh.on.cc/index.html
Title: 企業關係

Search URL Search Domain Scan URL

URL: https://on.cc/disclaimer/index.html
Title: 免責聲明

Search URL Search Domain Scan URL

URL: https://tv.on.cc/
Title: 東網視頻

Search URL Search Domain Scan URL

URL: https://epaper.on.cc/
Title: 東方日報電子報 • 刊物

Search URL Search Domain Scan URL

URL: https://p18.on.cc/
Title: 搵樓18

Search URL Search Domain Scan URL

URL: https://orientalfa.on.cc/
Title: 東方融資

Search URL Search Domain Scan URL

URL: https://classified.on.cc/
Title: 分類廣告

Search URL Search Domain Scan URL

URL: https://on.cc/appdownload/index.html

Search URL Search Domain Scan URL

URL: http://home.on.cc/disclaimer/index.html
Title: 使用條款及細則

Search URL Search Domain Scan URL

URL: https://on.cc/mem/respons.html
Title: 私隱政策聲明

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 221

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9UFAIZJD0gd94CDXkKtjU&google_cver=1

Request Chain 222

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yr1qpNNk3L3R0qlWOLJacgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlLCpYvCfz-t3kW--ILN_E&google_cver=1

Request Chain 223

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBkElOiDQRRL8Wx4denM9fE&google_cver=1

Request Chain 224

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxNDE3MDg4ODY5NzY1MDMxOQ%3D%3D

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlLCpYvCfz-t3kW--ILN_E&google_cver=1

Request Chain 239

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yr1qpNNk3L3R0qlWOLJacgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlLCpYvCfz-t3kW--ILN_E&google_cver=1

Request Chain 240

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFNP1PkTlu2jtmpg7LsYeeE&google_cver=1

Request Chain 241

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxNDE3MDg4ODY5NzY1MDMxOQ%3D%3D

Request Chain 242

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJvv0bPH9kpiVIBrDGOSixA&google_cver=1&google_push=ARnp8GCnnj2NEq513ykQlyaF-QUn2-5AIHgffZrd5XaE7ube30DlPazhli9lE-7IahAjD3iTIm8SQ3yNBhDlaNlX1OEdO3v5xMBU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJvv0bPH9kpiVIBrDGOSixA&google_push=ARnp8GCnnj2NEq513ykQlyaF-QUn2-5AIHgffZrd5XaE7ube30DlPazhli9lE-7IahAjD3iTIm8SQ3yNBhDlaNlX1OEdO3v5xMBU

Request Chain 243

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECrJlSktBesYieliMvXiCGQ&google_cver=1&google_push=ARnp8GCXXB9wv3xzQutC0XK34j6fZsEy93IHecDGX88GX2huBVadOOs4GyQHO-1NoLAL8M3QsK1LtaZLliy3Js435nLTmM7cdwg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzExNDk2MDIzODkyNDcyNDM2Ng%3D%3D&google_push=ARnp8GCXXB9wv3xzQutC0XK34j6fZsEy93IHecDGX88GX2huBVadOOs4GyQHO-1NoLAL8M3QsK1LtaZLliy3Js435nLTmM7cdwg

Request Chain 244

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDITX9t_HaMNlWqfJtGkW-A&google_cver=1&google_push=ARnp8GDkiCtqkIEsOqNdK4c94B96Kx52W9LePpfHGvwtmZbtxyvITLS9aPkwKXVDYTvMNuDD8-gCHKSC7bGAkQz7oZcB0WJoCBA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDITX9t_HaMNlWqfJtGkW-A&google_cver=1&google_push=ARnp8GDkiCtqkIEsOqNdK4c94B96Kx52W9LePpfHGvwtmZbtxyvITLS9aPkwKXVDYTvMNuDD8-gCHKSC7bGAkQz7oZcB0WJoCBA HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=1fcde351-45af-475d-9cd4-f0f709de55ab&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ARnp8GDkiCtqkIEsOqNdK4c94B96Kx52W9LePpfHGvwtmZbtxyvITLS9aPkwKXVDYTvMNuDD8-gCHKSC7bGAkQz7oZcB0WJoCBA&google_hm=bcGY6ECdQJ2pRDe8qd9ztQ==

Request Chain 245

https://d5p.de17a.com/cookies/google?google_gid=CAESEMxNRo7RT2ZJ6Y5f8hek3w0&google_cver=1&google_push=ARnp8GD8RyMv_eXAPn8MtCTyyQybfooI6hnnCsS_tXu_6j14iKi72EGymUTYyc997m853lYs9b-MBMja6ndD03MtNZx87w4TYxPj HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMxNRo7RT2ZJ6Y5f8hek3w0&google_cver=1&google_push=ARnp8GD8RyMv_eXAPn8MtCTyyQybfooI6hnnCsS_tXu_6j14iKi72EGymUTYyc997m853lYs9b-MBMja6ndD03MtNZx87w4TYxPj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GD8RyMv_eXAPn8MtCTyyQybfooI6hnnCsS_tXu_6j14iKi72EGymUTYyc997m853lYs9b-MBMja6ndD03MtNZx87w4TYxPj

Request Chain 246

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGwEvU4m8PUS_Wxes_9dVbA&google_cver=1&google_push=ARnp8GAfBdOJWqceTk8E5e8AgjMcsLEULSKHkcsifWcz1CNHfYzq1e-cGcy3LgrDwpFD8B_33WvYj0sUVSvHTIH_pH7A-k0H-0s HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGwEvU4m8PUS_Wxes_9dVbA&google_cver=1&google_push=ARnp8GAfBdOJWqceTk8E5e8AgjMcsLEULSKHkcsifWcz1CNHfYzq1e-cGcy3LgrDwpFD8B_33WvYj0sUVSvHTIH_pH7A-k0H-0s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE4NzA4MDEyMzkyMTcyNjczNw&google_push=ARnp8GAfBdOJWqceTk8E5e8AgjMcsLEULSKHkcsifWcz1CNHfYzq1e-cGcy3LgrDwpFD8B_33WvYj0sUVSvHTIH_pH7A-k0H-0s

Request Chain 247

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEELgFmxiaM9GlbB2DzFt0ew&google_cver=1&google_push=ARnp8GByj4ES2g4lQduS0ditvjSInJuFEV_o7ZQb_kadkw1ve3IoHnvv_Blknd2OjkoL23enrobkAdK1XgHHXSIJJZL4iGlir6az HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUwVEY0RVItMVQtTEk1RQ==&google_push=ARnp8GByj4ES2g4lQduS0ditvjSInJuFEV_o7ZQb_kadkw1ve3IoHnvv_Blknd2OjkoL23enrobkAdK1XgHHXSIJJZL4iGlir6az

Request Chain 248

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENLyDRjVJpFnqcWBZw1bRms&google_cver=1&google_push=ARnp8GBl7Vc41PnATk_MHM-DULOXjUodMWXTTldXi9ksAPevLDSMXcf54GXDx_tB6oVd00ykJqm0aTY3pp5uEKvn23J1U0k06PE0 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ARnp8GBl7Vc41PnATk_MHM-DULOXjUodMWXTTldXi9ksAPevLDSMXcf54GXDx_tB6oVd00ykJqm0aTY3pp5uEKvn23J1U0k06PE0&google_gid=CAESENLyDRjVJpFnqcWBZw1bRms HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTgzOTI0MzA3NzcxNjMwNDIyMDk5Ng%3D%3D&google_push=ARnp8GBl7Vc41PnATk_MHM-DULOXjUodMWXTTldXi9ksAPevLDSMXcf54GXDx_tB6oVd00ykJqm0aTY3pp5uEKvn23J1U0k06PE0

Request Chain 262

https://d.agkn.com/pixel/2175/?google_gid=CAESELD0Qcy5jzF6C9Kh2KbxESw&google_cver=1&google_push=ARnp8GCvjme9QrvKQXSKbp1p96aviuMaksx99mAovjBUNxdNkOFObyygldaFFOPu-ArCxGmhxHXyYcqxr1m7uyrzHRcerd5cOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GCvjme9QrvKQXSKbp1p96aviuMaksx99mAovjBUNxdNkOFObyygldaFFOPu-ArCxGmhxHXyYcqxr1m7uyrzHRcerd5cOA&google_hm=Q0FFU0VMRDBRY3k1anpGNkM5S2gyS2J4RVN3

Request Chain 266

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKfabakLr_vXi42O4_NOfN4&google_cver=1&google_push=ARnp8GCSQ7FS6BOh9Gly309HXinpCgCzRTm5Uia15kH76P0CeVbeVy_s0JCUVEqdpsAX15Y_XxKkWtYt0KWQ7PsC4xwRPOO8VA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUwVEY0SFQtMVMtM0YxWQ==&google_push=ARnp8GCSQ7FS6BOh9Gly309HXinpCgCzRTm5Uia15kH76P0CeVbeVy_s0JCUVEqdpsAX15Y_XxKkWtYt0KWQ7PsC4xwRPOO8VA

Request Chain 267

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIA4bDp3loTYNljKXRCLhtY&google_cver=1&google_push=ARnp8GBBvToaUCHtSnmwnlEpm4tp-q4s8COHrzEmjzdZHnkbd5ZFK_tR7-0K9pi3BBZdQz8ztmfpRAxXuKGCi2QJeCL7mRqUlg HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIA4bDp3loTYNljKXRCLhtY&google_hm=Yr1qpNNk3L3R0qlWOLJacgAAFJYAAAIB&google_nid=index&google_push=ARnp8GBBvToaUCHtSnmwnlEpm4tp-q4s8COHrzEmjzdZHnkbd5ZFK_tR7-0K9pi3BBZdQz8ztmfpRAxXuKGCi2QJeCL7mRqUlg

Request Chain 334

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMpwUNUSYJ_JWBfihedb89I&google_cver=1

Request Chain 336

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEJxzrtHUn8e6Km-CDdhsnS8&google_cver=1

Request Chain 348

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGo0FNB7Ax7msB_Qf86cinE&google_cver=1&google_push=ARnp8GATyDsSL8HN3V-1wvBoy5Px_QcSqdGmJp2EIJ43oDiIgwqyWMTB1WwDRpMl7ZA0ZwWNFgn3InNLYyzZNEaeVS3wn2j0r1g HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GATyDsSL8HN3V-1wvBoy5Px_QcSqdGmJp2EIJ43oDiIgwqyWMTB1WwDRpMl7ZA0ZwWNFgn3InNLYyzZNEaeVS3wn2j0r1g&google_hm=2KjCEN1wRwpZx6ySqwPjZw

Request Chain 352

https://fw.adsafeprotected.com/rfw/st/1034476/63675810/4.js?ias_dspID=3&ias_campId=29059254&ias_pubId=pub-3571272074788370&ias_chanId=1&ias_placementId=17482479250&bidurl=https://orientaldaily.on.cc/content/%25E7%2594%25A2%25E7%25B6%2593/odn-20220630-0630_00202_035/%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jONqHUJRh4gXqgGcNWqbsH&adContainerId=brand_safety_pmq9YoyEDezX7_UPw4ijkAc&cbFunctionName=goog_wrapCb_pmq9YoyEDezX7_UPw4ijkAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3571272074788370%26output%3Dhtml%26h%3D250%26slotname%3D6393984442%26adk%3D3565501396%26adf%3D356650500%26pi%3Dt.ma~as.6393984442%26w%3D300%26lmt%3D1656580773%26psa%3D1%26format%3D300x250%26url%3Dhttps%253A%252F%252Forientaldaily.on.cc%252Fcontent%252F%2525E7%252594%2525A2%2525E7%2525B6%252593%252Fodn-20220630-0630_00202_035%252F%2525E6%2525B8%2525A3%2525E6%252589%252593%2525E6%252593%2525AC%2525E5%252586%25258D%2525E6%252595%2525B4%2525E5%252590%252588%2525E5%25258D%2525B0%2525E5%2525BA%2525A6%2525E8%2525B2%2525B8%2525E6%2525AC%2525BE%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1656580773656%26bpp%3D2%26bdt%3D7223%26idt%3D2%26shv%3Dr20220628%26mjsv%3Dm202206230101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D7a6045127e940fb5%253AT%253D1656580769%253AS%253DALNI_MaKWkbLjd2cIdIMRVa0hUrCpoR9Gg%26prev_fmts%3D0x0%252C728x90%26nras%3D1%26correlator%3D602963358455%26rume%3D1%26frm%3D20%26pv%3D1%26ga_vid%3D248626736.1656580771%26ga_sid%3D1656580771%26ga_hid%3D15067015%26ga_fc%3D1%26ga_cid%3D965798538.1656580769%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D990%26ady%3D297%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31065545%252C31067983%252C44768099%252C42531605%252C31061691%252C31061693%26oid%3D2%26psts%3DAGkb-H-E8KtuX9tnYDO0dEIVXKYMs8MpeiKpZ9Cg816LMBGbJHt5MLIotrhsddlLZYLOGbUUue4aiNoZwrwXkPMq%26pvsid%3D203634787387024%26tmod%3D1126593315%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D11%26uci%3Da!b%26fsb%3D1%26xpc%3DOZul6jj5kC%26p%3Dhttps%253A%2F%2Forientaldaily.on.cc%26dtd%3D12&adsafe_type=d&adsafe_jsinfo=,id:fe005022-b5be-5472-512a-260e2031f01a,c:h0LtTD,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-86c8d9dc9d-bljrj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:taeo6Fx+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C161%7C162%7C163%7C164%7C17%7C18*.1034476-63675810%7C181%7C182%7C183%7C184,idMap:18*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:15,oid:c1801d1b-f855-11ec-8ba0-86ab0077edc2,v:19.8.319,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

381 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request %E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE Show response
orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/ 24 KB
6 KB 898ms
862ms Document
text/html 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 962f187c2e07072183a90cbb92b513e86821baad09eab1d87228745ca6d2f8a9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
cache-control: public, max-age=300, s-maxage=300, stale-if-error=86400, stale-while-revalidate=30
cf-cache-status: HIT
cf-ray: 7235d1f8dda8692b-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Thu, 30 Jun 2022 09:19:26 GMT
etag: W/"01f19c23f711b76f34d607d2b0b0befcb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Accept-Encoding
x-application-context: application:live:9054
x-cacheable: L08
x-host: odnsearchdocker01
x-varnish: 86213345

GET
H2 200 bootstrap.min.css
orientaldaily.on.cc/css/v3/ 119 KB
20 KB 38ms
37ms Stylesheet
text/css 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/css/v3/bootstrap.min.css
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54ddf015f68354280bc4c8b459b66d8fa3ddaddbdf5de7a76d57b26c22d89776

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:26 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
age: 0
x-varnish: 80069382
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 31 Jan 2020 03:29:24 GMT
server: cloudflare
etag: W/"1db17-59d672e16ed00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: text/css
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7235d1fe3eb0692b-FRA
expires: Thu, 30 Jun 2022 08:12:06 GMT

GET
H2 200 bootstrap-theme.min.css
orientaldaily.on.cc/css/v3/ 24 KB
3 KB 36ms
34ms Stylesheet
text/css 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/css/v3/bootstrap-theme.min.css
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a13295ffa73431bd92a7d3b657fe14eb139a711c435e50a55e919a39190ce112

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:26 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 0
x-varnish: 79389614 79902154
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 31 Jan 2020 03:29:24 GMT
server: cloudflare
etag: W/"5e3c-59d672e16ed00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: text/css
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7235d1fe4eb2692b-FRA
expires: Thu, 30 Jun 2022 08:12:09 GMT

GET
H2 200 odn-common.min.css
orientaldaily.on.cc/css/v3/ 33 KB
6 KB 39ms
38ms Stylesheet
text/css 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/css/v3/odn-common.min.css
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8b4e204fa4f21d50c68e41e6e77a807c1374c45c0c9548542b0c4d84dd31528

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:26 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 3426
content-type: text/css
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Mar 2022 07:19:02 GMT
server: cloudflare
etag: W/"8580-5db42206ea580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 87902381 87182914
cache-control: public, max-age=120, s-maxage=3600
cf-ray: 7235d1fe4eb4692b-FRA
expires: Thu, 30 Jun 2022 07:12:09 GMT

GET
H2 200 menu.css
hk.on.cc/mobile/css/ 20 KB
4 KB 40ms
38ms Stylesheet
text/css 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hk.on.cc/mobile/css/menu.css
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4379e471eed46dfb112bc6c7aedbce4360a76d9e33ff2857c43373b8be346443

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:26 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Thu, 27 Jan 2022 02:01:06 GMT
server: cloudflare
age: 0
etag: W/"61f1fce2-519d"
x-cacheable: Y09
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 249668944 209856313
content-type: text/css
cache-control: public, max-age=5, s-maxage=5
cf-ray: 7235d1fe4ebb692b-FRA
vary: Accept-Encoding

GET
H2 200 style.css
hk.on.cc/module/photoswipe/ 9 KB
2 KB 41ms
39ms Stylesheet
text/css 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hk.on.cc/module/photoswipe/style.css
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c3dbb2a992819fe0810a2bb5f48c5789b35daca410ac35c6cdd34bfb488cf00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:26 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 23 May 2017 07:32:56 GMT
server: cloudflare
age: 0
etag: W/"5923e5a8-25c1"
x-cacheable: Y09
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 785428550 667339034
content-type: text/css
cache-control: public, max-age=5, s-maxage=5
cf-ray: 7235d1fe4ebf692b-FRA
vary: Accept-Encoding

GET
H2 200 h5player.css
hk.on.cc/module/player/ 46 KB
8 KB 43ms
42ms Stylesheet
text/css 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hk.on.cc/module/player/h5player.css
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0350eaf35ccdb5e81fd6410f924aa857b491fce3bb1bc48e0935ad2b26a138e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:26 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 07:06:41 GMT
server: cloudflare
age: 0
etag: W/"610a3c81-b706"
x-cacheable: Y09
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 513989675 589177708
content-type: text/css
cache-control: public, max-age=5, s-maxage=5
cf-ray: 7235d1fe4ebe692b-FRA
vary: Accept-Encoding

GET
H2 200 odn-preloadjs.min.js Show response
orientaldaily.on.cc/js/v3/ 1 KB
598 B 239ms
238ms Script
application/x-javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/odn-preloadjs.min.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863fed36a63359c178627fb9c1c55a6dae814afcb97df4c71ac785397f9e73a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:26 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
content-type: application/x-javascript
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Jul 2021 10:30:37 GMT
server: cloudflare
etag: W/"597-5c82c7a264d40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 105339959 106014128
cache-control: public, max-age=120, s-maxage=3600
cf-ray: 7235d1fe4eb6692b-FRA
expires: Thu, 30 Jun 2022 08:12:34 GMT

GET
H2 200 odn-preloadcss.min.js Show response
orientaldaily.on.cc/js/v3/ 123 B
254 B 35ms
35ms Script
application/x-javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/odn-preloadcss.min.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6258cf89e1f9160011d8e08cca525e7fd687610408410ceb2b25fbbb7e9b08ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:26 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
age: 0
x-varnish: 83736383
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 26 May 2021 09:40:39 GMT
server: cloudflare
etag: W/"7b-5c3386f73d3c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7235d1fe4eb9692b-FRA
expires: Thu, 30 Jun 2022 08:42:10 GMT

GET
H2 200 odn_mobile_logo.png
orientaldaily.on.cc/img/v3/ 4 KB
4 KB 248ms
248ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/odn_mobile_logo.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5627922b3f1c49ed3d43cfb5699e1525ca7de0c6e6791aead848d3e495e268ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:26 GMT
cf-cache-status: HIT
x-cacheable: L07
content-type: image/png
content-length: 4198
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 27 May 2016 08:45:08 GMT
server: cloudflare
etag: "1066-533ceec856d00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 90079163 91148688
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7235d1ffc974692b-FRA
expires: Thu, 30 Jun 2022 08:12:24 GMT

GET
H2 200 odn_mobile_archive.png
orientaldaily.on.cc/img/v3/ 2 KB
2 KB 31ms
31ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/odn_mobile_archive.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd713d7980c21296da0a550b57782bb190e1677c630acaf0d10bb1ca0c25a4b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 1
content-type: image/png
content-length: 2064
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 27 May 2016 08:55:57 GMT
server: cloudflare
etag: "810-533cf13346140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 79389632 80424583
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7235d201ac57692b-FRA
expires: Thu, 30 Jun 2022 08:11:54 GMT

GET
H2 200 bt_today.png
orientaldaily.on.cc/img/v3/ 2 KB
2 KB 54ms
42ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/bt_today.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b1582fc9df76f0cab50cedaa2fbe5ec0a9cf52db13e4b98c36b6ee4694abb23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 0
content-type: image/png
content-length: 2332
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Oct 2020 09:23:51 GMT
server: cloudflare
etag: "91c-5b19e16eaf7c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 86000825 83492253
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7235d202adbf692b-FRA
expires: Thu, 30 Jun 2022 08:12:21 GMT

GET
H2 200 Bt_calendar.png
orientaldaily.on.cc/img/v3/ 3 KB
3 KB 255ms
243ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/Bt_calendar.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb8eba1460c995cb48cfbbbdd9f304a41a53320d9bfa6ce9ad0fa841b81b5e76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L08
content-type: image/png
content-length: 2625
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Oct 2020 10:12:48 GMT
server: cloudflare
etag: "a41-5b19ec5fa0800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 86249100
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7235d202adc0692b-FRA
expires: Thu, 30 Jun 2022 08:55:27 GMT

GET
H2 200 ireport.png
orientaldaily.on.cc/img/v3/ 5 KB
5 KB 264ms
252ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ireport.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f4fb07db356f024984914d8364135ac3b56af2a009bdcd335fc6483db4931af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
content-type: image/png
content-length: 4627
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 20 Mar 2020 09:39:27 GMT
server: cloudflare
etag: "1213-5a1460fb731c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 80189596 80551410
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7235d202adc1692b-FRA
expires: Thu, 30 Jun 2022 08:42:14 GMT

GET
H2 200 oncc_icon.png
orientaldaily.on.cc/img/v3/ 2 KB
2 KB 40ms
29ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/oncc_icon.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79bb7f32bfdac68dae7fe9cb02ee43aeb9e89027cd0c7c06b12660bf95bd6beb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 1781
content-type: image/png
content-length: 1717
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 08 Oct 2021 02:55:36 GMT
server: cloudflare
etag: "6b5-5cdce83751a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 83736406 86445725
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7235d202adc2692b-FRA
expires: Thu, 30 Jun 2022 08:12:18 GMT

GET
H2 200 calendar.png
orientaldaily.on.cc/img/v3/ 1 KB
1 KB 53ms
42ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/calendar.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 350b869264924592f82e55d98feaf44ec0dfb85fd76f798503e8c2bc6eb98517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 3427
content-type: image/png
content-length: 1192
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 20 Mar 2020 10:45:35 GMT
server: cloudflare
etag: "4a8-5a146fc3a11c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 80069408 82865305
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7235d202adc3692b-FRA
expires: Thu, 30 Jun 2022 08:12:06 GMT

GET
H2 200 0630-00202-035b1.jpg
orientaldaily.on.cc/asset/finance/20220630/photo/ 134 KB
134 KB 246ms
235ms Image
image/jpeg 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/asset/finance/20220630/photo/0630-00202-035b1.jpg
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80b527303614f3950afc1b442881a714307f13c4fe82abafb71e68d33172d6a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
content-type: image/jpeg
content-length: 136845
x-varnish: 93071364
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 29 Jun 2022 16:23:34 GMT
server: cloudflare
etag: "2168d-5e2989313ad80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
expires: Thu, 30 Jun 2022 08:41:46 GMT
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7235d202adc4692b-FRA
cf-bgj: h2pri

GET
H2 200 0630-00202-035s1.jpg
orientaldaily.on.cc/asset/finance/20220630/photo/ 97 KB
97 KB 65ms
55ms Image
image/jpeg 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/asset/finance/20220630/photo/0630-00202-035s1.jpg
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1589f2f09497ced0462a32268a796f287a5ab893ce213a8fbf39b233d2fbeb59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 0
content-type: image/jpeg
content-length: 99025
x-varnish: 77659749
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 29 Jun 2022 16:23:35 GMT
server: cloudflare
etag: "182d1-5e2989322efc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
expires: Thu, 30 Jun 2022 08:12:59 GMT
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7235d202adc5692b-FRA
cf-bgj: h2pri

GET
H2 200 ireport_icon.png
orientaldaily.on.cc/img/v3/ 19 KB
20 KB 61ms
51ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ireport_icon.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99dc0044cfebc1a8906fb5a71be5f41917615a0815955dede34d9406cd6fe053

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 3427
content-type: image/png
content-length: 19905
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 10 Feb 2020 07:47:14 GMT
server: cloudflare
etag: "4dc1-59e33f2962480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 79545825 79902055
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7235d202adc8692b-FRA
expires: Thu, 30 Jun 2022 07:11:45 GMT

GET
H2 200 web_accessibility_logo.png
orientaldaily.on.cc/img/v3/ 12 KB
13 KB 273ms
263ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/web_accessibility_logo.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4d14f2c2dc606d17733d321dfbe8b722073a5d64b3cc9b107c09e2a5d263e3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
content-type: image/png
content-length: 12740
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 May 2015 10:19:04 GMT
server: cloudflare
etag: "31c4-516a8fd53d600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 80972525
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7235d202bde6692b-FRA
expires: Thu, 30 Jun 2022 08:12:21 GMT

GET
H2 200 require.js Show response
orientaldaily.on.cc/js/v3/lib/ 17 KB
7 KB 868ms
867ms Script
application/x-javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ca49b7de8f5e006ba5eb976937a3f9fb96b05ebfbb11d685c0b21ead94aacaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
content-type: application/x-javascript
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 10:17:21 GMT
server: cloudflare
etag: W/"45a7-5a85914f96e40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 105718601
cache-control: public, max-age=120, s-maxage=3600
cf-ray: 7235d1fe8f40692b-FRA
expires: Thu, 30 Jun 2022 08:12:53 GMT

GET
H2 200 serverTime.js Show response
on.cc/js/ 35 B
226 B 40ms
37ms Script
application/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/js/serverTime.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-preloadjs.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cd04ebec3c174306715e23ef72e0761d431c71f09664fcd489ecbe5dd3c9dea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:26 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 0
cf-ray: 7235d1ffc984692b-FRA
x-host: WL24
content-length: 35
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 09:19:21 GMT
server: cloudflare
etag: "62bd6a99-23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 99353227 98834661
cache-control: public, max-age=5, s-maxage=5
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 jquery.js Show response
orientaldaily.on.cc/js/v3/lib/ 87 KB
32 KB 40ms
38ms Script
application/x-javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/jquery.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-preloadjs.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:26 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
age: 0
x-varnish: 86383854 80069294
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Jul 2020 02:54:11 GMT
server: cloudflare
etag: W/"15d83-5aa49ce1e9ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7235d1ffc97c692b-FRA
expires: Thu, 30 Jun 2022 08:12:03 GMT

GET
H2 200 unicorp_v4.js Show response
on.cc/adv/web/corp/source/ 59 KB
14 KB 41ms
40ms Script
application/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/source/unicorp_v4.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-preloadjs.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1f67310a50c4720ca438927ad499f0eb5adf421b8106f950d4b4a3d4a7575ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:26 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 0
cf-ray: 7235d1ffc97f692b-FRA
x-host: WL24
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 27 Jan 2022 01:52:16 GMT
server: cloudflare
etag: W/"61f1fad0-ecaf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 950277 1048579
cache-control: public, max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 odn-common.min.js Show response
orientaldaily.on.cc/js/v3/ 44 KB
13 KB 42ms
41ms Script
application/x-javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/odn-common.min.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-preloadjs.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eed02bbf05669a57c9fa23730f523ae85f4331eb7229d0b1eb7b047bec7cc00b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:26 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 0
x-varnish: 78482431 79449731
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 04:48:29 GMT
server: cloudflare
etag: W/"aed0-5e2162a37a140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7235d1ffc980692b-FRA
expires: Thu, 30 Jun 2022 08:56:48 GMT

GET
H2 200 odn-banner.min.js Show response
orientaldaily.on.cc/js/v3/ 5 KB
2 KB 38ms
36ms Script
application/x-javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/odn-banner.min.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-preloadjs.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 870afcb46786b2bb14b4513b1fcd75be5b9566019065b696eac3857328c51e1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:26 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
age: 0
x-varnish: 77666803 85488617
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 02:57:26 GMT
server: cloudflare
etag: W/"13f7-5e2149d125180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7235d1ffc981692b-FRA
expires: Thu, 30 Jun 2022 08:12:06 GMT

GET
H2 200 hls.js Show response
hk.on.cc/module/player/ 235 KB
71 KB 53ms
52ms Script
application/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hk.on.cc/module/player/hls.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-preloadjs.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b7a5a4cc369fbf887fc098793578f308d0b3e1f51c6fdb5765e5b433e1dfc89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:26 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: Y09
age: 0
cf-ray: 7235d1ffc982692b-FRA
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Mar 2021 03:57:55 GMT
server: cloudflare
etag: W/"60596743-3ab62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 780792756 779342507
access-control-allow-origin: *
cache-control: public, max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 ads.js Show response
www.google.com/adsense/search/ 140 KB
51 KB 136ms
53ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/search/ads.js

Requested by

Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-preloadjs.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d479a01123d8574e81f3e4fcd8445a067484e24ac7c62ac20b59576a2781b2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 30 Jun 2022 09:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "9215433850565682101"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Thu, 30 Jun 2022 09:19:26 GMT

GET
H2 200 unicorp_lang.js Show response
on.cc/adv/web/corp/source/ 86 KB
19 KB 242ms
242ms Script
application/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/source/unicorp_lang.js
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f67d90d957dd4ee4d98b2aa84d917c435702010342d449a1bdc7fe3b7e1e4c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:26 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
cf-ray: 7235d20029f4692b-FRA
x-host: WL25
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Apr 2020 07:45:39 GMT
server: cloudflare
etag: W/"5e9d5323-1582f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 21033341 28970101
cache-control: max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 yahoo_keywords.js Show response
on.cc/adv/web/corp/js/ 4 KB
778 B 249ms
238ms Script
application/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/js/yahoo_keywords.js
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79c369802018b75882ec40d4896c33c99ff78227d8ccce93357fc8167b32d386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7235d202bde7692b-FRA
x-host: WL24
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Mar 2011 04:11:26 GMT
server: cloudflare
etag: W/"4d76fdee-1198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 39118395 44131740
cache-control: public, max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 unicorp_disclaimer.js Show response
on.cc/adv/web/corp/source/ 4 KB
1 KB 876ms
866ms Script
application/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/source/unicorp_disclaimer.js
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 112aba6073ee49f1843f50fb5239e2d7c8a004325b50bd7f93ab093cb6b72e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7235d202bde9692b-FRA
x-host: WL24
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 31 Aug 2021 06:55:25 GMT
server: cloudflare
etag: W/"612dd25d-f2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 45319121 44805635
cache-control: public, max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 weather_info.js Show response
on.cc/adv/web/corp/js/ 3 KB
862 B 233ms
233ms Script
application/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/js/weather_info.js
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdff3f5fc8a8f8ae1fe38fe4304dec4b67f7bfe4d8c61bd48d02805217cbbd78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:26 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7235d20029fb692b-FRA
x-host: WL24
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 09:10:03 GMT
server: cloudflare
etag: W/"62bd686b-cc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 89087202 98966192
cache-control: public, max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 unicorp_v4.css
on.cc/adv/web/corp/source/ 7 KB
2 KB 28ms
28ms Stylesheet
text/css 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/source/unicorp_v4.css?v=31
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cdfc421265602e0a9c952b7c9e7ee8f58cfbdfb27b0d3649b818ecbb24f8908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:26 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
age: 90
cf-ray: 7235d20029fd692b-FRA
x-host: WL25
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 27 May 2020 01:59:01 GMT
server: cloudflare
etag: W/"5ecdc965-1de5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 102167526 142787386
cache-control: public, max-age=30, s-maxage=300
content-type: text/css

GET
H2 200 unicorp_v4_hk.css
on.cc/adv/web/corp/source/ 12 KB
2 KB 27ms
27ms Stylesheet
text/css 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b85ec12235a456ead5b2370041070fb6cecad1f6db376c484b15f68e0b98b7e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:26 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 90
cf-ray: 7235d20029fe692b-FRA
x-host: WL24
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 27 Jan 2022 01:52:16 GMT
server: cloudflare
etag: W/"61f1fad0-3183"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 128948102 112192477
cache-control: public, max-age=30, s-maxage=300
content-type: text/css

GET
H2 200 checkrev.gif
home.on.cc/adv/web/corp/img/ 43 B
164 B 67ms
56ms Image
image/gif 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.on.cc/adv/web/corp/img/checkrev.gif
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 13242
cf-ray: 7235d202bdf1692b-FRA
x-host: WL25
content-length: 43
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Oct 2008 03:57:30 GMT
server: cloudflare
etag: "48fc01aa-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 237732289 235456934
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/gif

GET
H2 200 pubdate.js Show response
orientaldaily.on.cc/asset/js/ 24 B
433 B 47ms
47ms XHR
application/json 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/asset/js/pubdate.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a5961396357e863a967803cce166fd3954275ccee1be16f7c75077414216918

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
age: 91
cf-ray: 7235d201cc8b692b-FRA
x-host: odnsearchdocker01
x-application-context: application:live:9054
referrer-policy: no-referrer-when-downgrade
server: cloudflare
etag: W/"0744a855bd23b3c6cc61fdabff7989eed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 85841249 88805766
access-control-allow-origin: *
cache-control: public, max-age=300, s-maxage=300, stale-if-error=86400, stale-while-revalidate=30
content-type: application/json;charset=UTF-8
access-control-allow-headers: Content-Type

GET
H2 200 hiddenSection.js Show response
orientaldaily.on.cc/asset/js/20220630/ 236 B
291 B 26ms
26ms XHR
application/json 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/asset/js/20220630/hiddenSection.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 975765c0fef1b080e3a7137df342f265d483f8c7927b8e10b923b92ebfa71378

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 91
cf-ray: 7235d2021ce8692b-FRA
x-host: odnsearchdocker02
x-application-context: application:live:9054
referrer-policy: no-referrer-when-downgrade
server: cloudflare
etag: W/"03a260a3520d7cf6267d4154213fadf30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 82943014 82389867
access-control-allow-origin: *
cache-control: public, max-age=300, s-maxage=300, stale-if-error=86400, stale-while-revalidate=30
content-type: application/json;charset=utf-8
access-control-allow-headers: Content-Type

GET
H2 204 rta.js Show response
rtax.criteo.com/delivery/rta/ 0
84 B 59ms
15ms Script
text/plain 178.250.0.166
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtax.criteo.com/delivery/rta/rta.js?netId=3124&cookieName=crtg_oncchk_rta&rnd=39770914330&varName=crtg_oncchk_content

Requested by

Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-banner.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.166 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
strict-transport-security: max-age=31536000; preload;
server: nginx/1.20.1

GET
H2 200 adultlist.txt Show response
orientaldaily.on.cc/data/ 578 B
314 B 34ms
33ms XHR
text/plain 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/data/adultlist.txt
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1bf5e901abfea769b7f81433070c2a4ea7f261d2726c4f6c078429604f7c843

Request headers

Accept: */*
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 3425
x-varnish: 80259810
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 02:38:52 GMT
server: cloudflare
etag: W/"242-5e2145aac0700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: text/plain
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7235d2024d3e692b-FRA
expires: Thu, 30 Jun 2022 07:40:33 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
56 KB 167ms
75ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-banner.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2b9ea9245c4626f826a0b9bfb7dca8c879c51cf9a351df7ecd1fccbdae2f87a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56357
x-xss-protection: 0
server: cafe
etag: 5017699428754228590
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 09:19:27 GMT

GET
H2 200 odn-content.min.css
orientaldaily.on.cc/css/v3/ 12 KB
2 KB 252ms
240ms Stylesheet
text/css 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d82509736b98cf5d93d49f053ced5702fd9ca35deb0d590aa2d3a52e176eab22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
x-varnish: 80872598 80189530
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 02 Aug 2021 04:38:40 GMT
server: cloudflare
etag: W/"2e67-5c88c24af5400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: text/css
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7235d202adbb692b-FRA
expires: Thu, 30 Jun 2022 08:34:47 GMT

GET
H2 200 ajs.php Show response
ad4.on.cc/web/www/delivery/ 3 KB
1 KB 1355ms
1346ms Script
text/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=705&adScreenW=1600
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-banner.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 295426b72ec33667532350cfade43e74c86369c35ed6f230e3996c0197af0118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Jun 2022 09:19:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
cf-ray: 7235d202bdef692b-FRA
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ic_arrow_hkhk_off.gif
on.cc/img/v2/ 1 KB
1 KB 47ms
38ms Image
image/gif 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/img/v2/ic_arrow_hkhk_off.gif
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b4a8698e5c880ff6090a1c0cd2558e42b26c5a1bdf6cb08b9d8f2d78077fdd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 11070
cf-ray: 7235d202adbd692b-FRA
x-host: WL24
content-length: 1172
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 03 Nov 2013 03:59:55 GMT
server: cloudflare
etag: "5275ca3b-494"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69371410 69110807
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/gif

GET
H2 200 web_menu_m18.png
on.cc/adv/web/corp/img/ 3 KB
3 KB 63ms
54ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_menu_m18.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10a1c3546508a4f60041203cd2de027ba35189ccac7bcc4701c98ac6595bc434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 11061
cf-ray: 7235d202bdeb692b-FRA
x-host: WL24
content-length: 2799
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-aef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 68208771 68208645
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_menu_m18_over.png
on.cc/adv/web/corp/img/ 3 KB
3 KB 59ms
50ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_menu_m18_over.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b75455f6bc681b8ccf92a51442f1ac2c91fbfe1c813837a9650e975b3456913

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 11061
cf-ray: 7235d202bdec692b-FRA
x-host: WL25
content-length: 2832
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-b10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 66482354 53043633
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_ball_off.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 61ms
54ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_ball_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2139db140b042be2a5bafd65fa757f0eb3cf3e0f97c6a8eec957052530b03d77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 11069
cf-ray: 7235d202bded692b-FRA
x-host: WL25
content-length: 2168
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-878"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 42653807 68077413
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_ball_over.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 39ms
38ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_ball_over.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eef61507e5ba153c053a683aefc1e14a84044b401e846c5736572094dd2fe5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 13241
cf-ray: 7235d202ee23692b-FRA
x-host: WL25
content-length: 2175
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-87f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 57990337 53043638
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_ball_off_sc.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 41ms
41ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_ball_off_sc.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5587ca41f509ea115a518336f6ac6e376379a25fda215b58c4921f84040f0f39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 8441
cf-ray: 7235d202fe40692b-FRA
x-host: WL24
content-length: 2124
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-84c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 68184799 69048441
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_ball_over_sc.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 43ms
40ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_ball_over_sc.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9de0c8978e69302a3aa776ff407769b18f57ffa7d8122c2da9ef747f93cd43cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 13241
cf-ray: 7235d2030e4d692b-FRA
x-host: WL24
content-length: 2138
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-85a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69048549 68208660
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_horse_off.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 30ms
28ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_horse_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deebccefdbb9e3846fb52bdeb875696fa33b4fcafb00d83ac8f89631084df26b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 11061
cf-ray: 7235d2030e4e692b-FRA
x-host: WL24
content-length: 1953
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-7a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69371418 68246272
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_horse_over.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 36ms
36ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_horse_over.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e26801b344d9fb191aa53ea743d2d8b5f4888cebac66ce1128f63078aa53f750

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 8441
cf-ray: 7235d2032e7f692b-FRA
x-host: WL24
content-length: 1952
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-7a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 68246468 69048425
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_horse_off_sc.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 37ms
37ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_horse_off_sc.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9c56677f5e4bf4db2d10b3e4251337f9c954733c8b35b24f6861cf634ae42a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 13241
cf-ray: 7235d2033e94692b-FRA
x-host: WL24
content-length: 1856
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69371403 68208648
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_horse_over_sc.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 38ms
38ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_horse_over_sc.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9613f7645c91aacd5d5027d72140f3ffcb148eb265aeee3b529303e28f8bd03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 11061
cf-ray: 7235d2033ea7692b-FRA
x-host: WL24
content-length: 1861
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-745"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 15300205 69402819
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_net_off.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 25ms
25ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_net_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce61748ce893b3ec7b81cd022f4a9ed673ab4c118f5cff9a4c72a2160d04b496

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 13241
cf-ray: 7235d2034eaf692b-FRA
x-host: WL25
content-length: 2343
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-927"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 57990362
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_net_over.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 27ms
26ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_net_over.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 176b6e30b48ace76fce19e261ac688bde72e2defab631d9c2fafea242c559714

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 11068
cf-ray: 7235d2036ed5692b-FRA
x-host: WL24
content-length: 2352
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-930"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 68246457 68208642
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 logo_TC_on.gif
on.cc/adv/web/corp/img/ 12 KB
12 KB 27ms
27ms Image
image/gif 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/logo_TC_on.gif
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5124d27328c2f5c4b2a560fe2ad40a2ece04ed9f465f354fa35b741c124fd466

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 8441
cf-ray: 7235d2037ee8692b-FRA
x-host: WL25
content-length: 11875
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Nov 2020 04:52:01 GMT
server: cloudflare
etag: "5fa8caf1-2e63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 68268290
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/gif

GET
H2 200 logo_SC_on.gif
on.cc/adv/web/corp/img/ 12 KB
12 KB 36ms
36ms Image
image/gif 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/logo_SC_on.gif
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a12c17ab23790461e677329f9dac5efb0ce19a38fcece15f785ff7f42423cc26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 11061
cf-ray: 7235d2037eea692b-FRA
x-host: WL25
content-length: 11974
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Nov 2020 04:52:00 GMT
server: cloudflare
etag: "5fa8caf0-2ec6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 42653801
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/gif

GET
H2 200 logo_TC_off.png
on.cc/adv/web/corp/img/ 28 KB
28 KB 27ms
27ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/logo_TC_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2ba400a3542c7f986dd240f2def70cc8d021912a6376e6da574c28630a67b3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 8441
cf-ray: 7235d2037ef8692b-FRA
x-host: WL24
content-length: 28481
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Nov 2020 04:51:59 GMT
server: cloudflare
etag: "5fa8caef-6f41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69402961 68184620
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 logo_SC_off.png
on.cc/adv/web/corp/img/ 27 KB
27 KB 53ms
53ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/logo_SC_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1de66009eea3c9f435d5bea771a3717b0c9dc7abc9418e9357442c1afec63117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 13241
cf-ray: 7235d2038f16692b-FRA
x-host: WL24
content-length: 27615
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Nov 2020 04:52:05 GMT
server: cloudflare
etag: "5fa8caf5-6bdf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69110892 69210483
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 logo_net_off.png
on.cc/adv/web/corp/img/ 3 KB
3 KB 30ms
30ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/logo_net_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ab6ed9795e2f7e4f657148a92d36798a27dd29ab2d4e992fbce352de9a2e42b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 8441
cf-ray: 7235d2039f2b692b-FRA
x-host: WL24
content-length: 3057
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-bf1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 68149827 68246285
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 logo_net_on.png
on.cc/adv/web/corp/img/ 4 KB
4 KB 35ms
34ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/logo_net_on.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2120ebbbe270d6417b8d272c6450d10ef0d94235287b3eb2e2c8a52de73cb17e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 11068
cf-ray: 7235d203af3f692b-FRA
x-host: WL24
content-length: 4259
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-10a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 15300209 68208639
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 net_icon_off.png
on.cc/adv/web/corp/img/ 4 KB
4 KB 40ms
40ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/net_icon_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e91e1f5f9ab1b71b71686baf06d7a1661f89786df2019f315b2d3b8d1186f61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 13241
cf-ray: 7235d203af44692b-FRA
x-host: WL24
content-length: 3802
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jun 2020 06:39:24 GMT
server: cloudflare
etag: "5ed9e89c-eda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 68184812 68208653
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 net_icon_on.png
on.cc/adv/web/corp/img/ 3 KB
3 KB 28ms
28ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/net_icon_on.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2c044e8e8af87330e2c1c28479713e3107e8b9fe79b3a881bcb247902531db1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 8441
cf-ray: 7235d203cf91692b-FRA
x-host: WL25
content-length: 3377
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jun 2020 06:39:24 GMT
server: cloudflare
etag: "5ed9e89c-d31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 67979549
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 test_off.png
on.cc/adv/web/corp/img/ 1 KB
2 KB 32ms
31ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/test_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af2d583999658b96ba5bc7d5cf834ca654a8930d5937c8f4830ee9c7e6fac5ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 13241
cf-ray: 7235d203efb6692b-FRA
x-host: WL24
content-length: 1421
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Mar 2020 01:47:55 GMT
server: cloudflare
etag: "5e6ae64b-58d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69048569 69371221
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 test_on.png
on.cc/adv/web/corp/img/ 1 KB
1 KB 37ms
37ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/test_on.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc5e0245a9f89d144afabfb55c88f190a4153ad8c3baa67e340a2a7715a64940

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 8441
cf-ray: 7235d203efbc692b-FRA
x-host: WL24
content-length: 1370
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Mar 2020 01:47:55 GMT
server: cloudflare
etag: "5e6ae64b-55a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 68246439 68536651
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 dot_off.png
on.cc/adv/web/corp/img/ 1 KB
1 KB 40ms
40ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/dot_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c660dec6cd5e8f9e0b3c518da51439c7a47a1b28da85193926a06b005f0905b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 8441
cf-ray: 7235d203efcd692b-FRA
x-host: WL25
content-length: 1029
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Mar 2020 01:47:55 GMT
server: cloudflare
etag: "5e6ae64b-405"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 68620636
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 dot_on.png
on.cc/adv/web/corp/img/ 1 KB
1 KB 28ms
28ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/dot_on.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45f029b0dec12e864c693266265b33e968158edb8ae5761c09013c8069544c2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 13241
cf-ray: 7235d203ffe7692b-FRA
x-host: WL24
content-length: 1025
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Mar 2020 01:47:55 GMT
server: cloudflare
etag: "5e6ae64b-401"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69338146 69402845
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 health_off.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 36ms
35ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/health_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b5514e397dfa4b681f07408e843b186c8e40f0c429e6b956154ac2c385aac34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 8441
cf-ray: 7235d204181e692b-FRA
x-host: WL24
content-length: 1546
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Mar 2020 01:51:35 GMT
server: cloudflare
etag: "5e6ae727-60a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69402946 69402825
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 health_on.png
on.cc/adv/web/corp/img/ 1 KB
2 KB 29ms
29ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/health_on.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e32b017a5bc36cfd7104924ee59da3e015206b7be6132b36f5951b0e7775c4c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 11067
cf-ray: 7235d2042832692b-FRA
x-host: WL24
content-length: 1455
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Mar 2020 01:51:35 GMT
server: cloudflare
etag: "5e6ae727-5af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 68184791 68246296
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 sport_off.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 26ms
26ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/sport_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48deef5a4537b8c2d3bbc1c4cf8b5133ec55fade9fb3ab81bbe36bb4f7cc3f73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 13241
cf-ray: 7235d2042843692b-FRA
x-host: WL24
content-length: 1608
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Mar 2020 01:51:36 GMT
server: cloudflare
etag: "5e6ae728-648"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69110894 69402839
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 sport_on.png
on.cc/adv/web/corp/img/ 1 KB
2 KB 25ms
25ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/sport_on.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f6a761102c6ab539f8c8886b76f6c4f92a49955a4bc5fec019a0e741638cac3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:27 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 8441
cf-ray: 7235d2042845692b-FRA
x-host: WL24
content-length: 1497
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Mar 2020 01:51:36 GMT
server: cloudflare
etag: "5e6ae728-5d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 15300203 69110810
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/ Frame 4EDB 10 KB
5 KB 121ms
38ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 15:39:02 GMT
etag: 10429905676100781186
expires: Wed, 13 Jul 2022 15:39:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 unicorp_disclaimer.css
hk.on.cc/adv/web/corp/source/ 1 KB
655 B 28ms
28ms Stylesheet
text/css 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hk.on.cc/adv/web/corp/source/unicorp_disclaimer.css
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_disclaimer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89c5d02602316b77d7d50cb7b8a168c10d707994d6f2aba75788365896bf5ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:28 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: Y10
age: 3498
cf-ray: 7235d2081e76692b-FRA
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Aug 2018 06:48:01 GMT
server: cloudflare
etag: W/"5b67ef21-5ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 60058182
cache-control: public, max-age=1800, s-maxage=14400
content-type: text/css

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 131ms
49ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=705&adScreenW=1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

35019316f13954f4258a8b048c51ae4cbc126bd15b26c3707aaef60debd9cc1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28075
x-xss-protection: 0
server: sffe
etag: "1259 / 912 of 1000 / last-modified: 1656578599"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Jun 2022 09:19:28 GMT

GET
H2 200 lg.php
ad4.on.cc/web/www/delivery/ 43 B
413 B 242ms
242ms Image
image/gif 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4.on.cc/web/www/delivery/lg.php?bannerid=6758&campaignid=368&zoneid=705&loc=1&referer=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&cb=dee0b92fc7
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:28 GMT
cf-cache-status: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
pragma: no-cache
last-modified: Thu, 30 Jun 2022 09:19:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
accept-ranges: bytes
cf-ray: 7235d20b1ac3692b-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
orientaldaily.on.cc/css/fonts/ 18 KB
18 KB 34ms
34ms Font
application/octet-stream 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/css/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/bootstrap.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer: https://orientaldaily.on.cc/css/v3/bootstrap.min.css
Origin: https://orientaldaily.on.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:28 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 0
x-varnish: 80424637 80189410
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 31 Jan 2020 03:29:24 GMT
server: cloudflare
etag: W/"466c-59d672e16ed00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: text/plain
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7235d20b2ad6692b-FRA
expires: Thu, 30 Jun 2022 08:11:25 GMT

GET
H2 200 pic63.jpg
on.cc/adv/web/corp/img/ 578 B
784 B 30ms
29ms Image
image/jpeg 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/pic63.jpg
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc48b7c9856fd04e9b657943d039fa00c9171fb2fed4e70f2fb0a0f9d8d5140d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:28 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 4495
cf-ray: 7235d20b3afa692b-FRA
x-host: WL25
content-length: 578
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 17 Oct 2008 03:36:37 GMT
server: cloudflare
etag: "48f80845-242"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 87920225
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 tc1.jpg
on.cc/adv/web/corp/img/ 517 B
706 B 30ms
29ms Image
image/jpeg 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/tc1.jpg
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d396a425aff7d36f065e55309236b089969a477738f1540f948df56853fe2127

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:28 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 6027
cf-ray: 7235d20b3afc692b-FRA
x-host: WL24
content-length: 517
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 17 Oct 2008 03:43:31 GMT
server: cloudflare
etag: "48f809e3-205"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 55857805
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 ts.jpg
on.cc/adv/web/corp/img/ 635 B
815 B 43ms
43ms Image
image/jpeg 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/ts.jpg
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ded3b5fe5012c95cf55fce4d674274ec122c901a802db7371c89d1cb5179d97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:28 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 4495
cf-ray: 7235d20b3afd692b-FRA
x-host: WL24
content-length: 635
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 17 Oct 2008 03:43:32 GMT
server: cloudflare
etag: "48f809e4-27b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69110896 68184612
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 oncc_deg.gif
on.cc/adv/web/corp/img/ 1 KB
1 KB 31ms
30ms Image
image/gif 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/oncc_deg.gif
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28b04b730ec93a432ace59ed70723ac53e3883f180bf8414f22b2fff89cda6a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:28 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 3425
cf-ray: 7235d20b3afe692b-FRA
x-host: WL24
content-length: 1185
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Nov 2013 04:50:21 GMT
server: cloudflare
etag: "5273330d-4a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69048585 69402814
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/gif

GET
H2 200 logo_odn.png
orientaldaily.on.cc/img/v3/ 855 B
1 KB 30ms
30ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/logo_odn.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 798140180b673a00fd9685b6979fc85b9108be61c481ee8ab50e8de4f2ae7b34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:28 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 3425
content-type: image/png
content-length: 855
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Feb 2010 08:10:19 GMT
server: cloudflare
etag: "357-48040149df0c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 83492385 86544192
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7235d20b3aff692b-FRA
expires: Thu, 30 Jun 2022 07:12:16 GMT

GET
H2 200 ajs.php Show response
ad4.on.cc/web/www/delivery/ 6 KB
1 KB 285ms
285ms Script
text/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=1105&adScreenW=1600
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-banner.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cb6349d13530a8afd8ced2b6d27ef31640eeea339308ff806fe229be97e2458

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Jun 2022 09:19:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
cf-ray: 7235d20b4b00692b-FRA
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ic_facebook_32.png
orientaldaily.on.cc/img/v3/ 4 KB
4 KB 44ms
43ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ic_facebook_32.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21751a2ef69707d95d710a599058bd1ad09a1ee89f84512e5f2291b2b94217db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-content.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:28 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 1778
content-type: image/png
content-length: 4397
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Jul 2021 11:23:54 GMT
server: cloudflare
etag: "112d-5c65e8a5b0680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 176364528 166325218
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7235d20b4b03692b-FRA
expires: Thu, 30 Jun 2022 07:12:36 GMT

GET
H2 200 ic_twitter_32.png
orientaldaily.on.cc/img/v3/ 4 KB
4 KB 33ms
32ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ic_twitter_32.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a8c71c4cc7d5565e31fad7dc51eca8c09b8b737ba544f30372411d98a3edba6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-content.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:28 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 0
content-type: image/png
content-length: 3818
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Jul 2021 11:24:07 GMT
server: cloudflare
etag: "eea-5c65e8b2163c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 53572216
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7235d20b4b04692b-FRA
expires: Thu, 30 Jun 2022 08:12:03 GMT

GET
H2 200 ic_telegram_32.png
orientaldaily.on.cc/img/v3/ 5 KB
5 KB 38ms
37ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ic_telegram_32.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a7c4424e5cb5c21be591baaf6203d2cdf6a50b582dfb077b2cc42d345aa6177

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-content.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:28 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 0
content-type: image/png
content-length: 4694
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Jul 2021 11:24:13 GMT
server: cloudflare
etag: "1256-5c65e8b7cf140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 54872964
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7235d20b4b05692b-FRA
expires: Thu, 30 Jun 2022 08:11:53 GMT

GET
H2 200 ic_whatapp_32.png
orientaldaily.on.cc/img/v3/ 5 KB
5 KB 35ms
34ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ic_whatapp_32.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b5d4b4b81b4c4c46f266dde325b84e7856fc9dd0bf2e35332edb831ac7afa7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-content.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:28 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 0
content-type: image/png
content-length: 5442
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Jul 2021 11:24:20 GMT
server: cloudflare
etag: "1542-5c65e8be7c100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 176588356 176233742
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7235d20b4b06692b-FRA
expires: Thu, 30 Jun 2022 09:12:22 GMT

GET
H2 200 ic_print_32.png
orientaldaily.on.cc/img/v3/ 4 KB
4 KB 36ms
35ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ic_print_32.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed3376d25fca09028fe41665e52559bb88177ac13dfbbeac9dd28716bc0df000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-content.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:28 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 0
content-type: image/png
content-length: 4419
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Jul 2021 11:23:47 GMT
server: cloudflare
etag: "1143-5c65e89f036c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 47814394
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7235d20b5b22692b-FRA
expires: Thu, 30 Jun 2022 09:11:54 GMT

GET
H2 200 ic_t_small_32.png
orientaldaily.on.cc/img/v3/ 4 KB
4 KB 39ms
38ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ic_t_small_32.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3c30ad5bbeaddf13c0962cc3586228e77b2f343d3e76e8655e4a3ee487ed52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-content.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:28 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 0
content-type: image/png
content-length: 3758
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Jul 2021 11:21:47 GMT
server: cloudflare
etag: "eae-5c65e82c928c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 165146553 165146258
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7235d20b5b23692b-FRA
expires: Thu, 30 Jun 2022 08:12:03 GMT

GET
H2 200 ic_t_large_32.png
orientaldaily.on.cc/img/v3/ 4 KB
4 KB 41ms
41ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ic_t_large_32.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7700f3825b7ce6c180c377790acc64597f5f00ab11057bc7a95b2ed704a7e61a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-content.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:28 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 0
content-type: image/png
content-length: 3972
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Jul 2021 11:23:15 GMT
server: cloudflare
etag: "f84-5c65e8807eec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 101346084 96204959
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7235d20b5b24692b-FRA
expires: Thu, 30 Jun 2022 08:12:33 GMT

GET
H2 200 stock_icon_56.png
orientaldaily.on.cc/img/v3/ 3 KB
3 KB 298ms
298ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/stock_icon_56.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9182241c0821b88dcd3047e50f7301863c71e00818b20ac639cb469a375f2482

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-content.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:28 GMT
cf-cache-status: HIT
x-cacheable: L08
content-type: image/png
content-length: 3238
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Jul 2021 07:48:46 GMT
server: cloudflare
etag: "ca6-5c66fa6d1f380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 117015914 116764487
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7235d20b5b25692b-FRA
expires: Thu, 30 Jun 2022 09:14:05 GMT

GET
H2 200 pubads_impl_2022062701.js Show response
securepubads.g.doubleclick.net/gpt/ 373 KB
127 KB 39ms
38ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

01fb24629611503ba4ea42ea9d94c1b82449d62985a6087c5e22e9e38b9b0ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 08:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3288
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130259
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:39:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 30 Jun 2023 08:24:40 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 161 B
137 B 127ms
48ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

18576f2a2f7116a6915d3f562fea7b859337c27795401799a9e2ac6c1d8816b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 0
expires: Thu, 30 Jun 2022 09:19:28 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ 62 KB
23 KB 39ms
39ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ed589f2773c7f62a29c7691a961a85c95ac374c666dec2d6eb6a1abd0350a65e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 858
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23708
x-xss-protection: 0
server: cafe
etag: 12776144751522492165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 10:05:10 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 125ms
44ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 132ms
50ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 462 B
275 B 338ms
337ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=203634787387024&correlator=2209777629676366&eid=31067917%2C31068250%2C42531605%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fifs&iu_parts=21589405%2Cca-pub-1862194061110379-tag%2C5115821242&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=3810736027&sfv=1-0-38&ecs=20220630&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1656580768821&lmt=1656580768&dlt=1656580766433&idt=2356&biw=1600&bih=1200&adxs=436&adys=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&rumc=203634787387024&rume=1&frm=20&vis=1&scr_x=0&scr_y=0&psz=1000x-1&msz=1000x-1&fws=0&ohw=0&ga_vid=965798538.1656580769&ga_sid=1656580769&ga_hid=15067015&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ba104e26f1a58422fd026da949455e4adba721a24790fda4fc5da242879ba77d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://orientaldaily.on.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9B93 6 KB
4 KB 156ms
49ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:19:28 GMT
expires: Fri, 30 Jun 2023 09:19:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ajs.php Show response
ad4.on.cc/web/www/delivery/ 780 B
507 B 254ms
253ms Script
text/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=1122
Requested by: Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=1105&adScreenW=1600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c920a15d16d7dee9a33b74d828f2d11e183b5d9c3f09372403d2476d5bb8a6a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Jun 2022 09:19:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
cf-ray: 7235d20d3e0e692b-FRA
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 lg.php
ad4.on.cc/web/www/delivery/ 43 B
136 B 248ms
246ms Image
image/gif 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4.on.cc/web/www/delivery/lg.php?bannerid=6439&campaignid=3459&zoneid=1105&loc=1&referer=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&cb=a88f7a4a47
Requested by: Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=1105&adScreenW=1600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:29 GMT
cf-cache-status: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
pragma: no-cache
last-modified: Thu, 30 Jun 2022 09:19:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
accept-ranges: bytes
cf-ray: 7235d20d3e12692b-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag Show response
a.teads.tv/page/134375/ 790 B
689 B 44ms
22ms Script
application/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/134375/tag
Requested by: Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=1122
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ea7e05189d5512150dd04b56e523912e88c39d276da17c0e56ba2356ba785d64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:29 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 489
expires: Thu, 30 Jun 2022 10:19:29 GMT

GET
H2 200 lg.php
ad4.on.cc/web/www/delivery/ 43 B
191 B 227ms
226ms Image
image/gif 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4.on.cc/web/www/delivery/lg.php?bannerid=6455&campaignid=2623&zoneid=1122&loc=1&referer=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&cb=1385468a0c
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:29 GMT
cf-cache-status: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
pragma: no-cache
last-modified: Thu, 30 Jun 2022 09:19:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
accept-ranges: bytes
cf-ray: 7235d20ed841692b-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 132ms
51ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 131ms
49ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 474 B
297 B 615ms
615ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=203634787387024&correlator=2209777629676366&eid=31067917%2C31068250%2C42531605%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fifs&iu_parts=21589405%2Cca-pub-1862194061110379-tag%2CODN_ROS_inRead_LREC_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=2&adks=2736857423&sfv=1-0-38&ecs=20220630&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1656580769098&lmt=1656580769&dlt=1656580766433&idt=2356&biw=1600&bih=1200&adxs=318&adys=1024&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&rumc=203634787387024&rume=1&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&fws=0&ohw=0&ga_vid=965798538.1656580769&ga_sid=1656580769&ga_hid=15067015&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

80abecfc5aa1510600d13b4ee625ed5a4a115d6bbfdf6009cf2dc3489f2b1217

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 267
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://orientaldaily.on.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 474 B
296 B 1415ms
1414ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=203634787387024&correlator=2209777629676366&eid=31067917%2C31068250%2C42531605%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fifs&iu_parts=21589405%2Cca-pub-1862194061110379-tag%2CODN_ROS_inRead_LREC_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=3&adks=364997429&sfv=1-0-38&ecs=20220630&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1656580769104&lmt=1656580769&dlt=1656580766433&idt=2356&biw=1600&bih=1200&adxs=627&adys=1024&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&rumc=203634787387024&rume=1&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&fws=0&ohw=0&ga_vid=965798538.1656580769&ga_sid=1656580769&ga_hid=15067015&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

395a0f34c60772ef9d0d85edc258e3e2fa60c919344ae15f53f30df0cad8cad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 266
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://orientaldaily.on.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ajs.php Show response
ad4.on.cc/web/www/delivery/ 5 KB
1 KB 835ms
835ms Script
text/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=1106&adScreenW=1600
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-banner.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e35779ee84a092118ffd989f9151fe568a3914da752c1e0047b7b76eb1e5d78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Jun 2022 09:19:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
cf-ray: 7235d20ef865692b-FRA
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 600 KB
132 KB 8ms
8ms Script
text/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/134375/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bb6671cf0cbb1c9bc49301806f6d40330f28492a49ea5f9ab42a9c4e2975d26f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 30 Jun 2022 09:19:29 GMT
content-encoding: br
last-modified: Wed, 29 Jun 2022 13:33:43 GMT
x-amz-request-id: 83QQF0E9NDRB2A5P
etag: "d422b28c494be8ad5133cd4588020db7"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: f
accept-ranges: bytes
content-length: 134138
x-amz-id-2: QXIWi6/nTVHTrzJcmnNvMmG5q4/ODtBPLZzbJpjJMNxf9ginrKbD7n1SVYl1/Uu42gJLOE5Q804=
expires: Thu, 30 Jun 2022 09:49:29 GMT

GET
H2 200 lg.php
ad4.on.cc/web/www/delivery/ 43 B
105 B 261ms
260ms Image
image/gif 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4.on.cc/web/www/delivery/lg.php?bannerid=6283&campaignid=3459&zoneid=1106&loc=1&referer=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&cb=7ab6ec5b30
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:30 GMT
cf-cache-status: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
pragma: no-cache
last-modified: Thu, 30 Jun 2022 09:19:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
accept-ranges: bytes
cf-ray: 7235d2143fd6692b-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 47ms
46ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 52ms
52ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 457 B
282 B 889ms
889ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=203634787387024&correlator=2209777629676366&eid=31067917%2C31068250%2C42531605%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fifs&iu_parts=21589405%2Cca-pub-1862194061110379-tag%2CODN_ROS_inRead_LREC_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=4&adks=2538507356&sfv=1-0-38&ecs=20220630&fsapi=false&sc=1&cookie=ID%3D1eb916856b026e57-2257c202c3cd0094%3AT%3D1656580769%3AS%3DALNI_MY_rafsPV856l8_T5vBsZ_5L7zNMw&abxe=1&dt=1656580769951&lmt=1656580769&dlt=1656580766433&idt=2356&biw=1600&bih=1200&adxs=473&adys=1841&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&rumc=203634787387024&rume=1&frm=20&vis=1&scr_x=0&scr_y=0&psz=609x0&msz=609x0&fws=0&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=965798538.1656580769&ga_sid=1656580769&ga_hid=15067015&ga_fc=false&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

3ec407c21aabac0d60779a5fb5e2fa704479d2a474e3b7171dc79293e99c45a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://orientaldaily.on.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK orientaldaily_hk.js Show response
api.popin.cc/searchbox/ 121 KB
33 KB 1274ms
524ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/orientaldaily_hk.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6ce9771f22be75ec6fd91a7c31765ce43cf2949b2fa81cba48416569443eb5f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:19:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Jun 2022 09:45:48 GMT
Server: nginx
ETag: W/"c27c372ffcfb81c8a34b096300589d44"
X-Cache-Status: HIT from 10.252.55.44
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: wcVkZxm4adgGA0wVHLhQKFz.S67BrUDl
Expires: Thu, 30 Jun 2022 10:19:30 GMT

GET
H2 200 ajs.php Show response
ad4.on.cc/web/www/delivery/ 3 KB
1 KB 232ms
231ms Script
text/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=697&adScreenW=1600
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-banner.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 202f8ae348401e13c3980134f27c2728cd3777f881db4716481f246afd150a34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Jun 2022 09:19:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
cf-ray: 7235d2143fe2692b-FRA
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/ 17 KB
6 KB 31ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js

Requested by

Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=697&adScreenW=1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 30 Jun 2022 09:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4775692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4996
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-43d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bbkzI0joBpLzR8keAgmXBEqcQ%2BoLobKSfgypfM0RGiNIW8q7QEPELK%2BuNx5I0R6Mbu4UVUwUvBnwR1IaUoHJamk9jg0u6oITDPmbN8aD%2FVj7T488d%2FWkiulPS6NhbCe8AIseTPi9l608gOawHi4jl73"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7235d215dea85bf5-FRA
expires: Tue, 20 Jun 2023 09:19:30 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 57ms
56ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=697&adScreenW=1600

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

35019316f13954f4258a8b048c51ae4cbc126bd15b26c3707aaef60debd9cc1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28075
x-xss-protection: 0
server: sffe
etag: "1259 / 161 of 1000 / last-modified: 1656578599"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Jun 2022 09:19:30 GMT

GET
H2 200 lg.php
ad4.on.cc/web/www/delivery/ 43 B
105 B 238ms
238ms Image
image/gif 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4.on.cc/web/www/delivery/lg.php?bannerid=6300&campaignid=367&zoneid=697&loc=1&referer=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&cb=50a199ac1f
Requested by: Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=697&adScreenW=1600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:30 GMT
cf-cache-status: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
pragma: no-cache
last-modified: Thu, 30 Jun 2022 09:19:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
accept-ranges: bytes
cf-ray: 7235d215b9d7692b-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 48ms
47ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 48ms
48ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 451 B
275 B 1019ms
1019ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=203634787387024&correlator=2209777629676366&eid=31067917%2C31068250%2C42531605%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fifs&iu_parts=21589405%2Cca-pub-1862194061110379-tag%2CODN_ROS_300x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&ifi=5&adks=587134436&sfv=1-0-38&ecs=20220630&fsapi=false&sc=1&cookie=ID%3D1eb916856b026e57-2257c202c3cd0094%3AT%3D1656580769%3AS%3DALNI_MY_rafsPV856l8_T5vBsZ_5L7zNMw&abxe=1&dt=1656580770230&lmt=1656580770&dlt=1656580766433&idt=2356&biw=1600&bih=1200&adxs=990&adys=224&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&rumc=203634787387024&rume=1&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&fws=0&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=965798538.1656580769&ga_sid=1656580769&ga_hid=15067015&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

4eab78d88f813c020b7df8dfcee7b1d3f2f20f2bf15f9f5979ec5c7d2c628b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://orientaldaily.on.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ajs.php Show response
ad4.on.cc/web/www/delivery/ 6 KB
2 KB 233ms
233ms Script
text/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=695&adScreenW=1600
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-banner.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dfad8a188d99fe64b68526d69a2ee9edfdbaf5a4d8ca041e0a1ce7f18be4425

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Jun 2022 09:19:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
cf-ray: 7235d215fa3d692b-FRA
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
55 KB 138ms
60ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3571272074788370

Requested by

Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=695&adScreenW=1600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6de2821eb42d0f883a736bb4955b2da02e0ba46794dc618ab35e7b38ad389f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Origin: https://orientaldaily.on.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56375
x-xss-protection: 0
server: cafe
etag: 12867130499915624033
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 09:19:30 GMT

GET
H2 200 floatingCloseBtn.png
ad6.on.cc/web/html/ 2 KB
2 KB 28ms
27ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad6.on.cc/web/html/floatingCloseBtn.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be65b1c567e1f7558833b17c954318334b0e687a81cf4b77978460c58d210561

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:30 GMT
cf-cache-status: HIT
x-cacheable: L04
age: 9929
content-length: 1859
x-varnish: 70565312 66879178
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 17 Jul 2014 09:48:29 GMT
server: cloudflare
etag: "743-4fe608afd1540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=21600, s-maxage=21600
accept-ranges: bytes
cf-ray: 7235d2177c4d692b-FRA

GET
H2 200 lg.php
ad4.on.cc/web/www/delivery/ 43 B
105 B 253ms
252ms Image
image/gif 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4.on.cc/web/www/delivery/lg.php?bannerid=6631&campaignid=2168&zoneid=695&loc=1&referer=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&cb=ad7555f12b
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:30 GMT
cf-cache-status: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
pragma: no-cache
last-modified: Thu, 30 Jun 2022 09:19:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
accept-ranges: bytes
cf-ray: 7235d2177c4e692b-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 47ms
47ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 49ms
48ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
10 KB 1098ms
1098ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=203634787387024&correlator=2209777629676366&eid=31067917%2C31068250%2C42531605%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fifs&iu_parts=21589405%2Cca-pub-1862194061110379-tag%2C7647740102&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=6&adks=2411272266&sfv=1-0-38&ecs=20220630&fsapi=false&sc=1&cookie=ID%3D1eb916856b026e57-2257c202c3cd0094%3AT%3D1656580769%3AS%3DALNI_MY_rafsPV856l8_T5vBsZ_5L7zNMw&abxe=1&dt=1656580770477&lmt=1656580770&dlt=1656580766433&idt=2356&biw=1600&bih=1200&adxs=0&adys=950&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&rumc=203634787387024&rume=1&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&fws=512&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=965798538.1656580769&ga_sid=1656580769&ga_hid=15067015&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

a495678c89d05e802b84fd2800489a1e88c55965ccd3f86f1a135be0d2b5075c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10373
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://orientaldaily.on.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ajs.php Show response
ad4.on.cc/web/www/delivery/ 3 KB
1 KB 272ms
272ms Script
text/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=700&adScreenW=1600
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-banner.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d06efef817e189ebc1a9d4a2c74240758b3e7a5546c4ed5a0e114ecb8f75793

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Jun 2022 09:19:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
cf-ray: 7235d2178c61692b-FRA
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/ 339 KB
120 KB 142ms
68ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3571272074788370&plah=orientaldaily.on.cc&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.9&asptt=-1&easpi=true&asro=false&easai=false

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6140d1d63ab65dcd9bb879fca4815ee8072adf199abdba107021b6950d16ac7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122458
x-xss-protection: 0
server: cafe
etag: 8345667670294157839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 09:19:30 GMT

GET
H2 200 lg.php
ad4.on.cc/web/www/delivery/ 43 B
219 B 256ms
256ms Image
image/gif 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4.on.cc/web/www/delivery/lg.php?bannerid=6440&campaignid=367&zoneid=700&loc=1&referer=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&cb=f255089dbb
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
pragma: no-cache
last-modified: Thu, 30 Jun 2022 09:19:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
accept-ranges: bytes
cf-ray: 7235d2194f26692b-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 50ms
50ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 48ms
48ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 897 B
299 B 1093ms
1093ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=203634787387024&correlator=2209777629676366&eid=31067917%2C31068250%2C42531605%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fifs&iu_parts=21589405%2Cca-pub-1862194061110379-tag%2CODN_ROS_160x600%2C3812980652&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=120x240%7C120x600%7C160x600%2C300x250&ifi=8&adks=2228334386%2C187816107&sfv=1-0-38&ecs=20220630&fsapi=false&sc=1&cookie=ID%3D7a6045127e940fb5-22c4a9e8c2cd0089%3AT%3D1656580769%3AS%3DALNI_Ma_-f0Hic53s-ie2EkYmEd9znmhAA&abxe=1&dt=1656580770767&lmt=1656580770&dlt=1656580766433&idt=2356&biw=1600&bih=1200&adxs=150%2C990&adys=572%2C865&ucis=7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&rumc=203634787387024&rume=1&frm=20&vis=1&scr_x=0&scr_y=0&psz=160x-1%7C300x255&msz=160x-1%7C300x0&fws=512%2C0&ohw=0%2C0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=965798538.1656580769&ga_sid=1656580769&ga_hid=15067015&ga_fc=false&btvi=0%7C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ae3a52c553167c19aa49bd59a0e25f7d89296b539e763c02d3ed1ebcea6b7852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 268
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://orientaldaily.on.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 search_odn.png
orientaldaily.on.cc/img/v3/ 2 KB
3 KB 31ms
31ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/search_odn.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-common.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb34cfc714990dfc7c8b1e82f6ef39a654e92384973be4d3168964f8fd76d5c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-common.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:30 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 1
content-type: image/png
content-length: 2462
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 05:08:40 GMT
server: cloudflare
etag: "99e-5c165f46a0600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 86249184
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7235d2196f4b692b-FRA
expires: Thu, 30 Jun 2022 08:12:14 GMT

GET
H2 200 back_to_top.png
orientaldaily.on.cc/img/v3/ 2 KB
2 KB 801ms
800ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/back_to_top.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-common.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1800b1aae8b82ca1b555d3a270660961aa37a1a0d27f9f84497dcd773fda3d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-common.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: L08
content-type: image/png
content-length: 1669
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 31 May 2021 08:24:40 GMT
server: cloudflare
etag: "685-5c39bf4ebe200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 108654108 109293065
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7235d2196f4c692b-FRA
expires: Thu, 30 Jun 2022 07:43:35 GMT

GET
H2 200 track
t.teads.tv/ 23 B
113 B 66ms
44ms Image
image/gif 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=669be1ea-7442-4a79-a868-61967c98a1e8&pageId=134375&pid=147521&debug_metadata=cjk3Nt7W5J&fv=1046&ts=1656580770793&f=1&referer=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:30 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 74ms
53ms Image
image/gif 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=669be1ea-7442-4a79-a868-61967c98a1e8&pageId=134375&pid=147521&slot=native&fv=1046&ts=1656580770802&f=1&referer=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:30 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/134375/ 541 B
573 B 46ms
45ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/134375/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&page=%7B%22id%22%3A134375%2C%22placements%22%3A%5B%7B%22id%22%3A147521%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A609%2C%22height%22%3A343%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=669be1ea-7442-4a79-a868-61967c98a1e8&formatVersion=1046&env=js-web&netBw=10&ttfb=862
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 01101f7383b822ce24d4f2cb22260f25e1536bda83c1872e391a12e5d31f264b

Request headers

Accept: application/json; charset=UTF-8
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:30 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://orientaldaily.on.cc
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 364
expires: Thu, 30 Jun 2022 09:19:30 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 28ms
9ms Script
application/javascript 13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js?t=2022530
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 00:19:42 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Thu, 09 Jun 2022 14:24:43 GMT
server: AmazonS3
age: 68043
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: q4maekyImOwk2vwF3czmdq0WQqPqDo-3KH4s-3fhZKRT51Xm96AC7A==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 101ms
31ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1402
date: Thu, 30 Jun 2022 08:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 30 Jun 2022 10:56:08 GMT

GET
H2 200 config.common.min.js Show response
orientaldaily.on.cc/js/v3/ 2 KB
1 KB 222ms
220ms Script
application/x-javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/config.common.min.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98f79e72e80267adf8bf25528117eed154dff966cb31838d3c002362ac838bec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
content-type: application/x-javascript
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Jul 2021 02:49:21 GMT
server: cloudflare
etag: W/"751-5c7ad557bce40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 73053735
cache-control: public, max-age=120, s-maxage=3600
cf-ray: 7235d2199fa3692b-FRA
expires: Thu, 30 Jun 2022 08:12:10 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
327 B 155ms
69ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~l50tf1w5&c=203634787387024&e=31067917%2C31068250%2C42531605%2C31061691%2C31061693&ctx=1&met.3=166.1ey_k~74.2io_1~947.2ip~43.2ip~947.2ip~6.2ip~91.2iq~947.2iq~95.2iq_1~77.2in_4~724.2it_1~724.2iu~896.2iz~894.2j0~808.2jm~808.2jm~112.2k9_2~74.2qv~947.2qv~43.2qv~947.2qw~6.2qw~91.2qw~76.2qv_1~724.2qw~947.2qw~95.2qw_1~76.2qw_1~896.2qy~894.2qy~808.2r5~808.2r5~74.2r5~947.2r6~43.2r6~947.2r6~6.2r6~91.2r6~76.2r5~724.2r6~947.2r6~95.2r6~76.2r6~896.2r6~894.2r7~808.2rb~808.2rb~646.2tx_1~800.2ty~800.2ty~800.2tz~800.2tz~800.2u0~801.2u0~825.2u0~801.2u0~355.2u0~825.2u0~647.2u1~965.2u1~646.389~800.38a~800.38a~800.38b~800.38b~800.38b~801.38b~825.38b~801.38b~355.38b~825.38b~647.38b~965.38b~947.3el~6.3el~947.3el~9.3el~91.3el~947.3el~86.3el~947.3el~86.3el~76.3el~74.3em~947.3em~43.3em~53.3em~947.3em~95.3em~76.3el_1~724.3em_1~896.3en~894.3eo~808.3eu~808.3eu~74.3me~947.3me~43.3me~947.3me~6.3me~91.3me~76.3me~724.3me~947.3me~95.3me_1~76.3me_1~896.3mf~894.3mf~808.3mm~808.3mm~74.3t6~947.3t6~43.3t6~947.3t7~6.3t7~91.3t7~76.3t6_1~947.3t7~95.3t7~76.3t7_1~74.3t8~947.3t8~43.3t8~947.3t8~14.3t8~91.3t8~76.3t7~724.3t9_1~724.3ta~896.3tb~894.3tb~808.3ti~808.3ti~646.3un~800.3un~800.3un~800.3uo~800.3uo~800.3uo~801.3uo~825.3uo~801.3uo~355.3uo~825.3uo~708.3uo~647.3up~965.3up~1001.3yp__1~164.3yq_1~165.3yo_3~166.3yj_8~74.418~947.419~43.419~947.419~6.419~947.419~14.419~91.419~76.418_1~947.41a~95.419_1~76.419_1~724.41a_1~896.41c~894.41c~808.41k~808.41k~808.41k~808.41k~166.41m_2~334.42k&met.9=1.2f9~2.2ii~13.2iz~9.0~3_1.2jl~7_1.0~9.0~3_2.2r5~7_2.0~9.0~3_4.2rb~7_4.0~4_1.2tx~5_1.2u0~4_2.389~5_2.38b~9.0~3_7.3et~7_7.0~9.0~3_11.3ml~7_11.0~9.0~3_16.3th~7_16.0~4_4.3un~5_4.3uo~9.0~3_22.41k~7_22.0~7_23.0&met.10=1_1.IMoZEJC_BQiQvwUYgJh1KAE~1_7.IMciEAAIABiAmHUoAA~1_22.INkmEICsAgiArAIYgJh1KAE~1_16.INkmEPjJBAj4yQQYgJh1KAE~1_23.IPkoEAAIABiAmHUoAQ~1_4.IJ8pELObAwj4yQQYgJh1KAE~1_11.IJ8pEPjJBAj4yQQYgJh1KAE~1_2.IJ8pELObAwj4yQQYgJh1KAE&met.7=CBsQCMABvJvM-wI~CBsQByCIBzgqwAGcp6n2CQ~CBsQByCIBzglwAHLq6jTCQ~CBsQByCIBzgpwAGnup_UBg~CBsQByCIBzgowAHs4beKDQ~CBsQByCIBzgqwAGuhKmBBQ~CBsQByCIBzgswAGtlaPYBg~CBsQCiCJBzjwAcAB29PqrA4~CBsQCiCJBzgkwAGOge7TDQ~CBsQBiCJBzjpA8ABgvSkpgQ~CBsQBiCJBzjDBMABwaeD9gM~CBsQBiCJBzjuBcAB5JKH4Q0~CBsQBiCJBzi2B8ABrszvlQ4~CBsQBiCJBzi_B8ABzNPGrA8~CBsQBiCJBzjgBcAB993E5Ag~CBsQBiCJBzjtBcABlPL-vw4~CBsQBiCJBziwB8ABx9z0-Aw~CBsQBiCKBzj8BcAB1MemggI~CBsQBiCKBzj1BcAB-ceGCQ~CBsQBiCKBzjJB8ABlKL4wgg~CBsQCiCKBziTB8AB2ae0-AM~CBsQCiD6CDgpwAGq99HUDA~CBsQCiD6CDgrwAGXhpHkCg~CBsQCiD7CDgrwAHE7efFBw~CBsQCiD7CDgswAGxpunADQ~CBsQCiD7CDgowAHVifqzBw~CBsQCiD7CDg4wAG08YKVCQ~CBsQChgBIPwIKPwIML4KOMIBwAGFnrzqDw~CBsQCiC3CTjzAcABkqmh-gg~CBsQCiC3CTiDBcABybypOw~CBsQCiC3CTj3CcABp8z_hgU~CBsQCiC4CTjqAcABp4r-wgw~CBsQByC4CTgdwAG8kNTuBA~CBsQByC4CTgcwAGNuJzZDg~CBsQBiC4CTjNA8ABwOHjeg~CBsQDSDBCzgxwAG1ocyYAQ~CBsQDSD0CzgbwAH72p_SCg~CBsQCiCRDDhswAGVrYDaAw~CBsQDSCSDDgjwAHKnt3sDg~CAEQChgBILYMKLYMMKUOOO8BQMkMSMsMUMsMWJ4NYO4MaJ4NcOkNeNG6A4ABpbgDiAGSlQqwAQG4AQPAAd6Ov5sB~CBsQByC_DDj9AcAB9ea7swo~CBsQCiDADDjOCsAB5anOzwo~CBsQAiDBDDgxwAGSqZqaDw~CBsQAiDBDDhBwAGl-5_pDw~CBsQAiDBDDg9wAGejP-0CA~CBsQAiDBDDhAwAHP6vWxCQ~CBsQAiDBDDhYwAGBzI7_DQ~CBsQAiDCDDhhwAGgoYXJAQ~CBsQAiDCDDhnwAHD_NniBg~CBsQAiDCDDhtwAHBys3rCw~CBsQAiDCDDh9wAGY09z4BA~CBsQAiDCDDiGAcABoIKz8Aw~CBsQAiDCDDiNAcABypLT7Ao~CBsQAiDCDDiGAcAB7KO_9wQ~CBsQAiDCDDiYAcABuseH-Q8~CBsQAiDCDDiiAcAB2P2skgM~CBsQAiDCDDipAcABhcTHmAY~CBsQAiDCDDiqAcABoILG7QY~CBsQAiDCDDjNAcABicGa9Qs~CBsQAiDCDDjAAcABn5jDhw8~CBsQAiDDDDjMAcABj5XwpQM~CBsQAiDDDDjTAcAB6rL8kAc~CBsQAiDDDDjdAcABtsLAnQs~CBsQAiDDDDjsAcABjLHCnQk~CBsQAiDDDDjzAcABgKrRpgI~CBsQAiDDDDj7AcABzsiazwk~CBsQAiDDDDj5AcAB9d3kwQk~CBsQAiDDDDiPAsAB29vcsAs~CBsQAiDDDDiQAsABzceT2gQ~CBsQAiDDDDiRAsAB5sShmAU~CBsQAiDDDDiSAsABz7SxpAo~CAwQBRgBIL4OKL4OMLkPOHtAwA5IwA5QwA5Ykg9g4w5okg9wuQ946iSAAb4iiAHqTLABAbgBA8ABqvi69A0~CBsQByCvEzgdwAHB8N6RCQ~CDsQChgBIJAXKJAXMLkYOKkBQJAXSJEXUJEXWOIXYLQXaOIXcJMYeNfdAYABq9sBiAGoigWwAQG4AQPAAeLN6pYJ~CBsQBiCQFzjzAcAB_IDvGQ~CBsQAiCXFzgjwAHSkZqOBQ~CBsQBiCnFzgfwAG9up-bBQ~CBsQBiCnFzgfwAHHsJ9S~CBsQBiCnFzgswAHVrJThAQ~CBsQBiCnFzggwAHKmcz2Bg~CBsQBiCoFzgfwAG9_ZrbBA~CBsQCiCoFzieAsAB5anOzwo~CBsQAiCpFzgtwAGSjqvcDQ~CBsQAiCpFzgiwAGRitXDAg~CBsQAiCqFzgnwAHdsu6ZCg~CBsQAiCqFzgkwAHDod7rCg~CBsQAiCqFzgmwAHU2LbsBA~CBsQAiCqFzgnwAGLnJvoDQ~CBsQAiCqFzgqwAGbtYS6Ag~CBsQAiCrFzirAsABnZTv5gk~CA4QChgBIMUYKMUYMLEZOGxoxhhw7Bh4__sHgAHT-QeIAeqmF7ABAbgBA8AB35P4pgQ~CDwQDRgBIMcYKMcYMMcZOIABUMgYWJYZYMgYaJYZcMYZeJwDgAFwiAGhAbABAbgBA8AB6NSvzQk~CCgQChgBIMUZKMUZMPcZODJoxRlw7Bl4yLsBgAGcuQGIAfDsA7ABAbgBA8ABm-H6cA~CC8QBxgBIM8ZKM8ZMM0aOH5AzxlI0BlQ0BlYoBpg8xlooBpwzBp4kAOAAWSIAWuwAQG4AQPAAe21srAK~CC8QBxgBIM8ZKM8ZMNQaOIUBQNAZSNAZUNAZWKIaYPMZaKIacNQaeJADgAFkiAFrsAEBuAEDwAGb_4nHBw~CBsQBRgBIOQZKOQZMIMbOJ8BQOUZSPkZUPkZWNAaYJ4aaNEacIEbeNAagAGkGIgBzi-wAQG4AQPAAf7mp-YM~CBsQBiDlGTj5AcAB_IDvGQ~CBsQCiDlGTj_AcAB5anOzwo~CBsQCiDlGzgtwAGB8_FR~CBsQCiCTHDgZwAGwrNHoBw~CA8QDRgBIOEZKOEZMLQcONMCaOIZcLMceKEEgAH1AYgBzgOwAQG4AQPAAb_emusG~CC8QBxgBIOsbKOsbMPAcOIUBUOsbWLwcYOsbaL0ccO8ceJADgAFkiAFrsAEBuAEDwAHttbKwCg~CC8QBxgBIOsbKOsbMPAcOIUBUOwbWL4cYOwbaL4ccO8ceJADgAFkiAFrsAEBuAEDwAGb_4nHBw~CBsQBiDlGzjjAcAB_IDvGQ~CA8QDRgBIPEbKPEbMNogOOoEaPEbcNggeLcEgAGLAogB2gOwAQG4AQPAAb_emusG~CBsQCiD4GzjEBsAB5anOzwo~CC8QBxgBIMAiKMAiMPAiODBowSJw7yJ4kAOAAWSIAWuwAQG4AQPAAe21srAK~CC8QBxgBIMEiKMEiMPYiODVowSJw9SJ4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CBsQCiDIIjjpAcAB5anOzwo~CBsQBiC_IjiGAsAB_IDvGQ~CBsQCiCyJDghwAH6_czNBg~CDsQChgBILMkKLMkMPgkOEVotCRw7CR4190BgAGr2wGIAaiKBbABAbgBA8AB4s3qlgk~CC8QBxgBINgkKNgkMIklODFo2SRwiCV4kAOAAWSIAWuwAQG4AQPAAe21srAK~CC8QBxgBINgkKNgkMIklODFo2SRwiSV4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CBsQBiCzJDjvAcAB_IDvGQ~CBsQCiDeJDjqAcAB5anOzwo~CBsQBiDNJjgdwAG7oIWRDQ~CA8QDRgBIPcbKPcbMP8mOIgLaPgbcP4meLYEgAGKAogB2gOwAQG4AQPAAb_emusG~CC8QBxgBINAmKNAmMP8mODBo0CZw_yZ4kAOAAWSIAWuwAQG4AQPAAe21srAK~CC8QBxgBINAmKNAmMIEnODFo0CZwgSd4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CAEQChgBIMwmKMwmMIYoOLkBUM0mWJonYM0maJsncNcneOO6A4ABt7gDiAGilQqwAQG4AQPAAd6Ov5sB~CBsQBiDOJjj-AcAB_IDvGQ~CBsQCiDaJjiRAsAB5anOzwo~CBsQAiD-KDggwAHvzoPMBA~CC8QBxgBIPEoKPEoMKMpODJo8ShwoSl4kAOAAWSIAWuwAQG4AQPAAZv_iccH&qqid.1=CJHyk6Ls1PgCFTE94AodlVcBZw&qqid.2=CJbXpKLs1PgCFYdq4Aod1aYJPA&qqid.4=CMP3pKLs1PgCFclK4AodOhsIGA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 8ms
8ms Image
text/plain 13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=7914332&c3=&c4=&c5=&c6=&c15=&cs_it=b3&cv=3.8.0.210223&ns__t=1656580770837&ns_c=UTF-8&c7=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&c8=%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE%20-%20%E6%9D%B1%E6%96%B9%E6%97%A5%E5%A0%B1&c9=
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:30 GMT
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: DsSKQgPOvwa2WnLuF3vDgLBkIYuFQmcZ_GjACoVa1VFhkouGmPjB1g==
x-cache: Miss from cloudfront

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
413 B 47ms
47ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=orientaldaily.on.cc&callback=_gfp_s_&client=ca-pub-3571272074788370&cookie=ID%3D1eb916856b026e57%3AT%3D1656580769%3AS%3DALNI_MZFHAHy4KvX4pXnahAxZK-0FK5pFw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3571272074788370&plah=orientaldaily.on.cc&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.9&asptt=-1&easpi=true&asro=false&easai=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ce2992827ec31555ecc2322286909219f5f67a31a13f8e3d00468a6cab020e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 48ms
48ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 69ms
69ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&tn=DIV&id=floatingLRECholder&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1AF3 0
16 B 201ms
121ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&adk=1812271804&adf=3025194257&lmt=1656580770&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580770667&bpp=3&bdt=4234&idt=233&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1eb916856b026e57%3AT%3D1656580769%3AS%3DALNI_MZFHAHy4KvX4pXnahAxZK-0FK5pFw&nras=1&correlator=602963358455&rume=1&frm=20&pv=2&ga_vid=965798538.1656580769&ga_sid=1656580769&ga_hid=15067015&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&pvsid=203634787387024&tmod=726087036&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=250

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:19:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 98ms
37ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=15067015&t=pageview&_s=1&dl=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&ul=en-us&de=UTF-8&dt=%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE%20-%20%E6%9D%B1%E6%96%B9%E6%97%A5%E5%A0%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAAABAAAAAC~&jid=1508090107&gjid=1572683988&cid=965798538.1656580769&tid=UA-57924738-1&_gid=1680515623.1656580771&_r=1&_slc=1&z=712992080

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://orientaldaily.on.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web_btn.png
hk.on.cc/adv/web/corp/img/ 6 KB
6 KB 30ms
30ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/adv/web/corp/img/web_btn.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d00ef9f9dce166845458fc99049b500dd07238787ccc25da41ea7f9ac7fe7b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 3408
cf-ray: 7235d21ad9ba692b-FRA
content-length: 5752
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Aug 2018 05:34:50 GMT
server: cloudflare
etag: "5b6297fa-1678"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 437048223 437813514
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-57924738-1&cid=965798538.1656580769&jid=1508090107&gjid=1572683988&_gid=1680515623.1656580771&_u=IAhAAAAAAAAAAC~&z=194463263

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 30 Jun 2022 09:19:31 GMT
content-type: text/plain
access-control-allow-origin: https://orientaldaily.on.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 odn-content.min.js Show response
orientaldaily.on.cc/js/v3/app/ 10 KB
3 KB 30ms
27ms Script
application/x-javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/app/odn-content.min.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b076cd3e801782f9dc52ec4eb3f9c3a9c493f26277db261453ae6969f463710f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
age: 1
x-varnish: 84698754 83492245
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 03:01:05 GMT
server: cloudflare
etag: W/"264f-5e214aa1ffe40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7235d21b0a17692b-FRA
expires: Thu, 30 Jun 2022 08:34:48 GMT

GET
H2 200 unicorp_v4.js Show response
on.cc/adv/web/corp/source/ 59 KB
14 KB 60ms
57ms Script
application/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/source/unicorp_v4.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1f67310a50c4720ca438927ad499f0eb5adf421b8106f950d4b4a3d4a7575ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 1
cf-ray: 7235d21b0a1e692b-FRA
x-host: WL24
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 27 Jan 2022 01:52:16 GMT
server: cloudflare
etag: W/"61f1fad0-ecaf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 97706492 98479136
cache-control: public, max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 urchin.js Show response
orientaldaily.on.cc/js/v3/lib/ 18 KB
6 KB 222ms
219ms Script
application/x-javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/urchin.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab229322552892c8734d333a6b52b479f3d9cf7c8a1fc9cf2d8bd6ba3420284b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
x-varnish: 77666780
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Feb 2012 06:36:24 GMT
server: cloudflare
etag: W/"4661-4b95f83604a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7235d21b0a1f692b-FRA
expires: Thu, 30 Jun 2022 08:12:43 GMT

GET
H2 200 urchin-lib.js Show response
orientaldaily.on.cc/js/v3/lib/ 1 KB
588 B 32ms
29ms Script
application/x-javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/urchin-lib.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 202370a6bb2899416c9ae48d85030b16576d76dd43c21af78ca42e2ecae0e8d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 1007
x-varnish: 80972508 79814531
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 May 2021 04:21:30 GMT
server: cloudflare
etag: W/"46a-5c30bbe668680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7235d21b0a21692b-FRA
expires: Thu, 30 Jun 2022 09:12:13 GMT

GET
H2 200 rollSlider.min.js Show response
orientaldaily.on.cc/js/v3/lib/ 5 KB
1 KB 47ms
45ms Script
application/x-javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/rollSlider.min.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8544fa9f4620e661e6b65d5189b43f284d3a23c1e25b5b6e197ddaf6f36b8ab0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 1
x-varnish: 73653340 80843491
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Dec 2020 05:04:17 GMT
server: cloudflare
etag: W/"1205-5b5600f049640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7235d21b0a22692b-FRA
expires: Thu, 30 Jun 2022 08:42:39 GMT

GET
H2 200 slick.min.js Show response
orientaldaily.on.cc/js/v3/lib/ 42 KB
11 KB 42ms
39ms Script
application/x-javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/slick.min.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 3427
x-varnish: 80938512 80323217
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 May 2020 02:49:40 GMT
server: cloudflare
etag: W/"a76f-5a5e336da7900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7235d21b0a23692b-FRA
expires: Thu, 30 Jun 2022 08:12:20 GMT

GET
H2 200 bootstrap.min.js Show response
netdna.bootstrapcdn.com/bootstrap/3.1.1/js/ 28 KB
8 KB 40ms
18ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js?

Requested by

Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
age: 7461307
cdn-cachedat: 11/16/2021 09:13:38
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 739b38fabd92f308ba82a953ce2ea6c7
cf-ray: 7235d21b28205c8c-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 photoswipe.min.js Show response
orientaldaily.on.cc/js/v3/lib/photoswipe/ 31 KB
13 KB 39ms
37ms Script
application/x-javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/photoswipe/photoswipe.min.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 201b64a83ec3a6c9f08e157fbb0d6cbacd971b9fc971c4d4eba6fcefae241cdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 1
x-varnish: 73408975 79902196
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Jun 2021 10:13:23 GMT
server: cloudflare
etag: W/"7c3c-5c466a422b6c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7235d21b3a6a692b-FRA
expires: Thu, 30 Jun 2022 08:55:31 GMT

GET
H2 200 photoswipe-ui-default.min.js Show response
orientaldaily.on.cc/js/v3/lib/photoswipe/ 21 KB
6 KB 34ms
32ms Script
application/x-javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/photoswipe/photoswipe-ui-default.min.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 710a1d0944895f373adf0e0c726343013e4deb39e09be8e45a276ce8a056368d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
age: 1
x-varnish: 86383923
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Dec 2020 10:28:26 GMT
server: cloudflare
etag: W/"5431-5b6ba91922680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7235d21b3a74692b-FRA
expires: Thu, 30 Jun 2022 08:12:02 GMT

GET
H2 200 photoswipe.custom.js Show response
orientaldaily.on.cc/js/v3/lib/photoswipe/ 6 KB
2 KB 30ms
28ms Script
application/x-javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/photoswipe/photoswipe.custom.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30cf6386a0c3b987faa377e1d12974e66af9dc0f0b13377eb4c1f532980033c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
age: 1
x-varnish: 86249194 85437149
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 13 Jul 2021 09:19:45 GMT
server: cloudflare
etag: W/"19dd-5c6fdbd174e40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7235d21b3a77692b-FRA
expires: Thu, 30 Jun 2022 08:38:04 GMT

GET
H2 200 h5player.js Show response
on.cc/module/player/ 304 KB
62 KB 34ms
33ms Script
application/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/module/player/h5player.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0219a5985044cb8f08471d92d7e8aefcfaeef10634fded92940eeebb1c90699

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
age: 1
cf-ray: 7235d21b3a79692b-FRA
x-host: WL25
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 08:19:32 GMT
server: cloudflare
etag: W/"62bd5c94-4bf65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 105640146 117000268
cache-control: max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 yahoo_keywords.js Show response
on.cc/adv/web/corp/js/ 4 KB
740 B 26ms
26ms Script
application/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/js/yahoo_keywords.js
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79c369802018b75882ec40d4896c33c99ff78227d8ccce93357fc8167b32d386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 4
cf-ray: 7235d21b8acc692b-FRA
x-host: WL24
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Mar 2011 04:11:26 GMT
server: cloudflare
etag: W/"4d76fdee-1198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 39118395 44131740
cache-control: public, max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 unicorp_disclaimer.js Show response
on.cc/adv/web/corp/source/ 4 KB
1 KB 32ms
32ms Script
application/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/source/unicorp_disclaimer.js
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 112aba6073ee49f1843f50fb5239e2d7c8a004325b50bd7f93ab093cb6b72e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 4
cf-ray: 7235d21b8ace692b-FRA
x-host: WL24
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 31 Aug 2021 06:55:25 GMT
server: cloudflare
etag: W/"612dd25d-f2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 45319121 44805635
cache-control: public, max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 unicorp_v4.css
on.cc/adv/web/corp/source/ 7 KB
2 KB 32ms
32ms Stylesheet
text/css 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/source/unicorp_v4.css?v=31
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cdfc421265602e0a9c952b7c9e7ee8f58cfbdfb27b0d3649b818ecbb24f8908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
age: 95
cf-ray: 7235d21b8ad0692b-FRA
x-host: WL25
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 27 May 2020 01:59:01 GMT
server: cloudflare
etag: W/"5ecdc965-1de5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 102167526 142787386
cache-control: public, max-age=30, s-maxage=300
content-type: text/css

GET
H2 200 checkrev.gif
home.on.cc/adv/web/corp/img/ 43 B
213 B 26ms
25ms Image
image/gif 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.on.cc/adv/web/corp/img/checkrev.gif
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 13246
cf-ray: 7235d21b8ad1692b-FRA
x-host: WL25
content-length: 43
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Oct 2008 03:57:30 GMT
server: cloudflare
etag: "48fc01aa-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 237732289 235456934
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/gif

GET
H2 200 unicorp_disclaimer.css
hk.on.cc/adv/web/corp/source/ 1 KB
624 B 34ms
33ms Stylesheet
text/css 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hk.on.cc/adv/web/corp/source/unicorp_disclaimer.css
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_disclaimer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89c5d02602316b77d7d50cb7b8a168c10d707994d6f2aba75788365896bf5ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: Y10
age: 3501
cf-ray: 7235d21bbb28692b-FRA
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Aug 2018 06:48:01 GMT
server: cloudflare
etag: W/"5b67ef21-5ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 60058182
cache-control: public, max-age=1800, s-maxage=14400
content-type: text/css

GET
H2 200 iframe_ysm_utf8.html Show response
orientaldaily.on.cc/js/v3/ Frame D68A 529 B
443 B 34ms
34ms Document
text/html 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/iframe_ysm_utf8.html?device=desktop&section=finance&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07678d180e3556e1ae4e871cc3dd15fdb60e60709a79e424f3675af25a648ce8

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: public, max-age=120, s-maxage=3600
cf-cache-status: HIT
cf-ray: 7235d21c7c28692b-FRA
content-encoding: br
content-language: zh-TW
content-type: text/html
date: Thu, 30 Jun 2022 09:19:31 GMT
etag: W/"211-5c7b101175b40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 30 Jun 2022 09:27:40 GMT
last-modified: Thu, 22 Jul 2021 07:12:05 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Accept-Encoding
x-cacheable: L08
x-varnish: 113891676

GET
H2 200 hitCount_842_UTF8.js Show response
hk.on.cc/hk/bkn/hitcount/web/js/ 106 KB
20 KB 74ms
39ms XHR
application/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hk.on.cc/hk/bkn/hitcount/web/js/hitCount_842_UTF8.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da41a737f317453c9f00b4e54e379c16a53c794bff375bfd17d418a82481535

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: Y09
age: 0
cf-ray: 7235d21cad739950-FRA
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 09:19:06 GMT
server: cloudflare
etag: W/"62bd6a8a-1a84c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 443449555 442929964
access-control-allow-origin: *
cache-control: public, max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 m18_quotebox_bg.png
orientaldaily.on.cc/img/v3/ 12 KB
12 KB 29ms
29ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/m18_quotebox_bg.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-common.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c246f3f250ca5d05f6ff64bce59ae77784df81c151a1c22b9eba36d9e8effd60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-common.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 0
content-type: image/png
content-length: 12451
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 04 Feb 2020 02:26:44 GMT
server: cloudflare
etag: "30a3-59db6c5576100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 56527021 55847178
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7235d21c7c33692b-FRA
expires: Thu, 30 Jun 2022 09:12:17 GMT

GET
H2 200 search_engine_patt.gif
orientaldaily.on.cc/img/v3/ 1 KB
2 KB 36ms
36ms Image
image/gif 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/search_engine_patt.gif
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-common.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dfaff152d24ca282243ae4f53ae4d50c909e568ada3be8c24ec725ce14f8423

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-common.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 1771
content-type: image/gif
content-length: 1318
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Feb 2013 07:02:10 GMT
server: cloudflare
etag: "526-4d5a9d6656080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 86544276 85437133
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7235d21c7c38692b-FRA
expires: Thu, 30 Jun 2022 08:12:10 GMT

GET
H2 200 articleVideo_finance.js Show response
orientaldaily.on.cc/asset/finance/20220630/video/ 2 KB
522 B 36ms
36ms XHR
application/x-javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/asset/finance/20220630/video/articleVideo_finance.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 116b0048cad8af91864a4070f8dea17e735cbc93627d5d411dbd68eda249328e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 92
x-varnish: 76998240 97142246
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 07:56:39 GMT
server: cloudflare
etag: W/"88a-5e2a59c0afbc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=120, s-maxage=3600
cf-ray: 7235d21c9c64692b-FRA
expires: Thu, 30 Jun 2022 08:12:37 GMT

GET
H2 200 sectmain_20220630.js Show response
orientaldaily.on.cc/section/news/js/168/ 164 KB
34 KB 39ms
37ms XHR
application/json 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/section/news/js/168/sectmain_20220630.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 363cdcdc13363ca0a317e4ac6b82721100ec58593c1cefeafdf6d2f21f56702f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
age: 0
cf-ray: 7235d21c9c68692b-FRA
x-host: odnsearchdocker01
x-application-context: application:live:9054
referrer-policy: no-referrer-when-downgrade
server: cloudflare
etag: W/"0bf2181fe34a08cff7fbf7d3f3e0b8285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 87482333
access-control-allow-origin: *
cache-control: public, max-age=300, s-maxage=300, stale-if-error=86400, stale-while-revalidate=30
content-type: application/json;charset=utf-8
access-control-allow-headers: Content-Type

GET
H2 200 spacer.gif
orientaldaily.on.cc/img/v3/ 43 B
196 B 257ms
255ms Image
image/gif 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/spacer.gif
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: L08
content-type: image/gif
content-length: 43
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 Oct 2008 03:17:50 GMT
server: cloudflare
etag: "2b-45a47b1435380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 104359546
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7235d21c9c6b692b-FRA
expires: Thu, 30 Jun 2022 08:59:16 GMT

GET
H2 200 search_engine_logo.png
orientaldaily.on.cc/img/v3/ 3 KB
4 KB 43ms
42ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/search_engine_logo.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 179e2131f584aaf223928266ff48c9c85106f9412470680dd4c20084d9060898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 0
content-type: image/png
content-length: 3436
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Feb 2013 08:37:44 GMT
server: cloudflare
etag: "d6c-4d50a3d704600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 54981868 56174667
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7235d21c9c6c692b-FRA
expires: Thu, 30 Jun 2022 09:11:50 GMT

GET
H2 200 search_engine_title.png
orientaldaily.on.cc/img/v3/ 2 KB
2 KB 37ms
36ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/search_engine_title.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf8e07f3863a8dc17833864c5f07759dd35fce17a3ac3e382cfa53b0465d4014

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 1773
content-type: image/png
content-length: 1592
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Feb 2013 08:37:44 GMT
server: cloudflare
etag: "638-4d50a3d704600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 30349539
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7235d21c9c6f692b-FRA
expires: Thu, 30 Jun 2022 08:12:20 GMT

GET
H2 200 search_engine_search.png
orientaldaily.on.cc/img/v3/ 6 KB
6 KB 45ms
44ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/search_engine_search.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3abbdee23923fff731b29b9af1621396fb5266a78bc8a4cdfbf70cb47993fdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 92
content-type: image/png
content-length: 6350
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Feb 2013 08:37:44 GMT
server: cloudflare
etag: "18ce-4d50a3d704600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 30121534 29413192
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7235d21c9c70692b-FRA
expires: Thu, 30 Jun 2022 09:12:21 GMT

GET
H2 200 sp_hk.jpg
orientaldaily.on.cc/img/v3/ 7 KB
7 KB 41ms
40ms Image
image/jpeg 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/sp_hk.jpg
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5577dfc0f7d981f0e52872f70475d085675200dab0f733ba23c4edb03e6124eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 1773
content-type: image/jpeg
content-length: 7004
x-varnish: 176334256 176233932
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 25 Apr 2018 04:59:12 GMT
server: cloudflare
etag: "1b5c-56aa521c10800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
expires: Thu, 30 Jun 2022 08:12:23 GMT
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7235d21c9c71692b-FRA
cf-bgj: h2pri

GET
H2 200 __utm.gif
orientaldaily.on.cc/img/ 35 B
207 B 271ms
270ms Image
image/gif 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/__utm.gif?utmwv=1&utmn=248626736&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE%20-%20%E6%9D%B1%E6%96%B9%E6%97%A5%E5%A0%B1&utmhn=orientaldaily.on.cc&utmr=-&utmp=https://orientaldaily.on.cc/content/finance/odn-20220630-0630_00202_035/
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: DYNAMIC
x-cacheable: NO:Not Cacheable
age: 0
content-type: image/gif
content-length: 35
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 17 Nov 2010 02:43:06 GMT
server: cloudflare
etag: "23-49536a2074280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language: zh-TW
x-varnish: 113405511
cache-control: no-store, max-age=0
accept-ranges: bytes
cf-ray: 7235d21c9c73692b-FRA
expires: Thu, 30 Jun 2022 09:29:31 GMT

GET
H2 200 menu.js Show response
hk.on.cc/mobile/js/lib/ 40 KB
9 KB 33ms
32ms Script
application/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hk.on.cc/mobile/js/lib/menu.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88277fb3af2797ea1ed8f612de86557d5926a94711f895adb28a09be31defd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: Y09
age: 3431
cf-ray: 7235d21c9c75692b-FRA
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 08 Apr 2022 02:37:43 GMT
server: cloudflare
etag: W/"624f9ff7-a01d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 437259999 436752826
cache-control: public, max-age=1800, s-maxage=14400
content-type: application/javascript

GET
H2 200 slidebars.js Show response
orientaldaily.on.cc/js/v3/lib/ 4 KB
2 KB 33ms
33ms Script
application/x-javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/slidebars.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5f43aeb0f7b3d6beb24841027dd070d88ae08c7529e3a50f4cd0fae5105e01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 0
x-varnish: 80938532 80189491
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 26 May 2021 03:10:48 GMT
server: cloudflare
etag: W/"104e-5c332fd3d7e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7235d21c9c76692b-FRA
expires: Thu, 30 Jun 2022 08:11:51 GMT

GET
H2 200 urchin.js Show response
orientaldaily.on.cc/js/v3/lib/ Frame D68A 18 KB
6 KB 32ms
30ms Script
application/x-javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/urchin.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/iframe_ysm_utf8.html?device=desktop&section=finance&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab229322552892c8734d333a6b52b479f3d9cf7c8a1fc9cf2d8bd6ba3420284b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/js/v3/iframe_ysm_utf8.html?device=desktop&section=finance&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
age: 0
x-varnish: 77666780
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Feb 2012 06:36:24 GMT
server: cloudflare
etag: W/"4661-4b95f83604a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7235d21cbca4692b-FRA
expires: Thu, 30 Jun 2022 08:12:43 GMT

GET
H2 200 urchin-lib.js Show response
orientaldaily.on.cc/js/v3/lib/ Frame D68A 1 KB
687 B 31ms
29ms Script
application/x-javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/urchin-lib.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/iframe_ysm_utf8.html?device=desktop&section=finance&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 202370a6bb2899416c9ae48d85030b16576d76dd43c21af78ca42e2ecae0e8d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/js/v3/iframe_ysm_utf8.html?device=desktop&section=finance&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 1007
x-varnish: 80972508 79814531
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 May 2021 04:21:30 GMT
server: cloudflare
etag: W/"46a-5c30bbe668680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7235d21cbca6692b-FRA
expires: Thu, 30 Jun 2022 09:12:13 GMT

GET
H2 200 ic_s_up_on_32.png
orientaldaily.on.cc/img/v3/ 4 KB
4 KB 239ms
239ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ic_s_up_on_32.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93a39183c6ae715636ed25fd02d5a1afa92f61c780979f6f48c80b5d4c7482f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-content.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: L08
content-type: image/png
content-length: 3819
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Jul 2021 11:23:28 GMT
server: cloudflare
etag: "eeb-5c65e88ce4c00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 46214113 41275426
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7235d21cdcdc692b-FRA
expires: Thu, 30 Jun 2022 08:12:36 GMT

GET
H2 200 ic_s_down_on_32.png
orientaldaily.on.cc/img/v3/ 4 KB
4 KB 58ms
57ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ic_s_down_on_32.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b50c0a0deb95f235d8a83870eabda247bec8c7c86231c3e47954e328ff1e711d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-content.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 0
content-type: image/png
content-length: 3825
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Jul 2021 11:23:35 GMT
server: cloudflare
etag: "ef1-5c65e89391bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 204690275 200538058
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7235d21cecde692b-FRA
expires: Thu, 30 Jun 2022 08:12:10 GMT

GET
H2 200 odn_logo.png
hk.on.cc/mobile/img/ 2 KB
2 KB 38ms
31ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/mobile/img/odn_logo.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca369b7f67abbc64e8a9f8d2fe01bd42f12105dec97458faf311ad900e7c9be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 3244
cf-ray: 7235d21cfd00692b-FRA
content-length: 2415
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Mar 2017 07:48:51 GMT
server: cloudflare
etag: "58c8f1e3-96f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 437048206 433945972
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 oncc_hk_on.png
hk.on.cc/mobile/img/ 2 KB
2 KB 35ms
29ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/mobile/img/oncc_hk_on.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 267567adb4b6505e023e870d208a89492534119bc9e581a7181e11d942ed56ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 3244
cf-ray: 7235d21cfd01692b-FRA
content-length: 2304
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Mar 2017 07:57:28 GMT
server: cloudflare
etag: "58c8f3e8-900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 414492272 436644988
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 ontv_logo.png
hk.on.cc/mobile/img/ 3 KB
3 KB 36ms
30ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/mobile/img/ontv_logo.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a6bf83e852ce505163230054c023be0afbec473d5eb7c56ba2cea67e236fd8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 3067
cf-ray: 7235d21cfd04692b-FRA
content-length: 3154
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Dec 2019 01:39:11 GMT
server: cloudflare
etag: "5e09553f-c52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 414295884 432963539
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 epaper_logo.png
hk.on.cc/mobile/img/ 2 KB
3 KB 41ms
36ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/mobile/img/epaper_logo.png?v=2
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c2166c456df16a904a9694bf26fca192b82f6f6000103bce4d84ce2d89527d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 3244
cf-ray: 7235d21cfd06692b-FRA
content-length: 2449
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Jun 2017 02:15:10 GMT
server: cloudflare
etag: "5934beae-991"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 385193470 436644996
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 m18_logo.png
hk.on.cc/mobile/img/ 4 KB
4 KB 56ms
52ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/mobile/img/m18_logo.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b598afd486f173c5d6bcba3863a904f0494eaf49957fb7c4b534a731cda34d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y10
age: 3244
cf-ray: 7235d21cfd08692b-FRA
content-length: 4439
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Nov 2018 02:48:47 GMT
server: cloudflare
etag: "5becde8f-1157"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 62237430
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 p18_logo.png
hk.on.cc/mobile/img/ 8 KB
8 KB 37ms
33ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/mobile/img/p18_logo.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 311ed131ee2d852a3c476f02be22864564ce763ba88903e947cbaaf0c5c9c060

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 3244
cf-ray: 7235d21cfd0a692b-FRA
content-length: 7733
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Mar 2017 07:48:54 GMT
server: cloudflare
etag: "58c8f1e6-1e35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 437260032 435899315
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 ofa_logo.png
hk.on.cc/mobile/img/ 6 KB
6 KB 34ms
30ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/mobile/img/ofa_logo.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f419e7307780a5eaf54c57408a025126ac694c9ff59dc40982807ea16e4bfff2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 3244
cf-ray: 7235d21cfd0c692b-FRA
content-length: 5729
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Mar 2020 01:52:23 GMT
server: cloudflare
etag: "5e6ae757-1661"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 433251065 432963542
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 classified_on.png
hk.on.cc/mobile/img/ 3 KB
3 KB 47ms
43ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/mobile/img/classified_on.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb02904d7b781b74b7ab5506401d37c87203c5d17319eb14676fb865e97684ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 3244
cf-ray: 7235d21cfd0e692b-FRA
content-length: 2751
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Dec 2016 10:31:45 GMT
server: cloudflare
etag: "5864e611-abf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 436937808 435970829
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 entrybanner.jpg
hk.on.cc/mobile/img/ 151 KB
152 KB 246ms
242ms Image
image/jpeg 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/mobile/img/entrybanner.jpg
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca6d2da6e15aaf6a2a3a84aba91a70d97d30f7188bf2526e238bda35fc5d01a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y09
cf-ray: 7235d21cfd12692b-FRA
content-length: 154960
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 08 Oct 2021 02:20:42 GMT
server: cloudflare
etag: "615faafa-25d50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 73823413 81268802
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 oncc_playicon.png
hk.on.cc/img/v2/ 2 KB
2 KB 32ms
32ms Image
image/png 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/img/v2/oncc_playicon.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-common.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 362a819db539b43a089db6fb279b870da7d7ab79d70df11dec2b6f3fce4be612

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-common.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y10
age: 3475
cf-ray: 7235d21d1d2e692b-FRA
content-length: 2146
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 24 Jul 2019 06:35:20 GMT
server: cloudflare
etag: "5d37fc28-862"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 62237411
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 bkn-20220630162008408-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 80 KB
80 KB 235ms
230ms Image
image/jpeg 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630162008408-0630_00842_001_01s.jpg?20220630163258
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca3308cd7b576f05eadbba21318102b7f10def1b3cfea4a00a3840eccbf0ba69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y10
cf-ray: 7235d21d5d98692b-FRA
content-length: 81590
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 08:30:27 GMT
server: cloudflare
etag: "62bd5f23-13eb6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 56697655
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bkn-20220630092056453-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 62 KB
62 KB 244ms
239ms Image
image/jpeg 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630092056453-0630_00842_001_01s.jpg?20220630162806
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0543b0572fb5233fe7c4004a49e8139cb1ee4ea2ec24485090428692dc25ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y09
cf-ray: 7235d21d5d9b692b-FRA
content-length: 63304
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 06:42:46 GMT
server: cloudflare
etag: "62bd45e6-f748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 437296503
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bkn-20220630095137284-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 108 KB
108 KB 229ms
224ms Image
image/jpeg 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630095137284-0630_00842_001_01s.jpg?20220630162843
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c356781e5dffebe24b1c1bb1939a90471a9e09397e2c5d47d385b26fa8fa99ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y10
cf-ray: 7235d21d5d9d692b-FRA
content-length: 110261
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 01:51:44 GMT
server: cloudflare
etag: "62bd01b0-1aeb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 36670198
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bkn-20220630113536557-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 86 KB
86 KB 232ms
228ms Image
image/jpeg 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630113536557-0630_00842_001_01s.jpg?20220630141127
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8480151cecaa2ec2dfebd120841cc5b0655981e12e7ab80354db5669d84f9632

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y10
cf-ray: 7235d21d5d9e692b-FRA
content-length: 87592
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 03:49:07 GMT
server: cloudflare
etag: "62bd1d33-15628"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 44145110
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bkn-20220629212946651-0629_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220629/photo/ 91 KB
91 KB 258ms
253ms Image
image/jpeg 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220629/photo/bkn-20220629212946651-0629_00842_001_01s.jpg?20220629214049
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9674a6e7b407e2b658339481bcc5ded7da98f41075104c83592af4459750db87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y09
cf-ray: 7235d21d5da0692b-FRA
content-length: 92888
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 29 Jun 2022 13:36:53 GMT
server: cloudflare
etag: "62bc5575-16ad8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 367205722
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bkn-20220630115801289-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 76 KB
76 KB 228ms
224ms Image
image/jpeg 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630115801289-0630_00842_001_01s.jpg?20220630125327
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4c9e237182baafe9273e1a0dbe7f8b6814c885a11c842fc879b0939c74cdccd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y09
cf-ray: 7235d21d6da3692b-FRA
content-length: 77621
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 04:53:05 GMT
server: cloudflare
etag: "62bd2c31-12f35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 420585680
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bkn-20220630142124688-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 82 KB
82 KB 104ms
100ms Image
image/jpeg 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630142124688-0630_00842_001_01s.jpg?20220630143346
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fa702bcdf3df8c233163b3e5503579bb9109b7f426add09771cb54bbaa0275a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 0
cf-ray: 7235d21d6da5692b-FRA
content-length: 84162
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 06:33:30 GMT
server: cloudflare
etag: "62bd43ba-148c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 435970800
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bkn-20220630151705577-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 57 KB
58 KB 105ms
102ms Image
image/jpeg 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630151705577-0630_00842_001_01s.jpg?20220630154203
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a2ed5c3aaca816b771346b5324c8789fd85d57856a98d5ff07290a19f1b95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 0
cf-ray: 7235d21d6da6692b-FRA
content-length: 58823
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 07:41:46 GMT
server: cloudflare
etag: "62bd53ba-e5c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 433375356
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bkn-20220630160800461-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 104 KB
104 KB 57ms
54ms Image
image/jpeg 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630160800461-0630_00842_001_01s.jpg?20220630161201
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fff0e21870bb047343bb423f7d2526b209c74bdd7e22faf10cfad8042a9184dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 0
cf-ray: 7235d21d6da9692b-FRA
content-length: 106424
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 08:11:43 GMT
server: cloudflare
etag: "62bd5abf-19fb8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 435970857
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bkn-20220630124400486-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 65 KB
65 KB 243ms
241ms Image
image/jpeg 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630124400486-0630_00842_001_01s.jpg?20220630131324
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b25c86a38b295242f4b357ad3c2bd7f94d52e18d409ddbbaba64b5a5064fa1ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y10
cf-ray: 7235d21d6daa692b-FRA
content-length: 66743
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 05:13:03 GMT
server: cloudflare
etag: "62bd30df-104b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 49100500
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 __utm.gif
orientaldaily.on.cc/img/ Frame D68A 35 B
217 B 262ms
261ms Image
image/gif 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/__utm.gif?utmwv=1&utmn=312110475&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E5%BB%A3%E5%91%8A%20-%20%E6%9D%B1%E6%96%B9%E6%97%A5%E5%A0%B1&utmhn=orientaldaily.on.cc&utmr=0&utmp=https://orientaldaily.on.cc/js/v3/iframe_ysm_utf8.html?device=desktop&section=finance&url=https%253A%252F%252Forientaldaily.on.cc%252Fcontent%252F%2525E7%252594%2525A2%2525E7%2525B6%252593%252Fodn-20220630-0630_00202_035%252F%2525E6%2525B8%2525A3%2525E6%252589%252593%2525E6%252593%2525AC%2525E5%252586%25258D%2525E6%252595%2525B4%2525E5%252590%252588%2525E5%25258D%2525B0%2525E5%2525BA%2525A6%2525E8%2525B2%2525B8%2525E6%2525AC%2525BE
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/iframe_ysm_utf8.html?device=desktop&section=finance&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/js/v3/iframe_ysm_utf8.html?device=desktop&section=finance&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: DYNAMIC
x-cacheable: NO:Not Cacheable
age: 0
content-type: image/gif
content-length: 35
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 17 Nov 2010 02:43:06 GMT
server: cloudflare
etag: "23-49536a2074280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language: zh-TW
x-varnish: 99452387
cache-control: no-store, max-age=0
accept-ranges: bytes
cf-ray: 7235d21d6db6692b-FRA
expires: Thu, 30 Jun 2022 09:29:31 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 47ms
47ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 48ms
47ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC0A 20 KB
10 KB 408ms
407ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=90&slotname=4687187148&adk=190292511&adf=2300459119&pi=t.ma~as.4687187148&w=728&lmt=1656580771&psa=0&format=728x90&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580771493&bpp=2&bdt=5060&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1eb916856b026e57%3AT%3D1656580769%3AS%3DALNI_MZFHAHy4KvX4pXnahAxZK-0FK5pFw&prev_fmts=0x0&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&pvsid=203634787387024&tmod=726087036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&fsb=1&xpc=Oqgf4LTKww&p=https%3A//orientaldaily.on.cc&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed576e777684a152c09382fc3dd3a133665aaa5550e2480c1078a603b5cc5ac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 10721
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:19:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bkn-20220630160800461-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 104 KB
104 KB 36ms
35ms Image
image/jpeg 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630160800461-0630_00842_001_01s.jpg?20220630161201
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fff0e21870bb047343bb423f7d2526b209c74bdd7e22faf10cfad8042a9184dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 0
cf-ray: 7235d21e6f8f692b-FRA
content-length: 106424
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 08:11:43 GMT
server: cloudflare
etag: "62bd5abf-19fb8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 435970857
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H3 200 container.html Show response
167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D251 6 KB
3 KB 121ms
40ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:19:28 GMT
expires: Fri, 30 Jun 2023 09:19:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK td_js_sdk_171.js Show response
api.popin.cc/ 34 KB
13 KB 511ms
511ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/orientaldaily_hk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:19:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
Server: nginx
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status: HIT from 10.252.55.44
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: null
Expires: Thu, 30 Jun 2022 10:19:31 GMT

GET
H2 200 recommend Show response
hk.popin.cc/popin_discovery/ 123 KB
27 KB 1040ms
540ms Script
application/javascript 119.63.198.189
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://hk.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&&device=pc&media=orientaldaily.on.cc_hk&extra=windows&agency=ftk&topn=50&ad=15&r_category=all&country=hk&redirect=true&channel=country_tw&uid=1f5565d8d7c218455701656580771734&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTAzLjAuNTA2MCIsInVzZXJfdGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidXNlcl90ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDMuMC41MDYwLjUzIFNhZmFyaS81MzcuMzYiLCJ1c2VyX3RkX3JlZmVycmVyIjoiIiwidXNlcl90ZF9wYXRoIjoiL2NvbnRlbnQvJUU3JTk0JUEyJUU3JUI2JTkzL29kbi0yMDIyMDYzMC0wNjMwXzAwMjAyXzAzNS8lRTYlQjglQTMlRTYlODklOTMlRTYlOTMlQUMlRTUlODYlOEQlRTYlOTUlQjQlRTUlOTAlODglRTUlOEQlQjAlRTUlQkElQTYlRTglQjIlQjglRTYlQUMlQkUiLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiJUU2JUI4JUEzJUU2JTg5JTkzJUU2JTkzJUFDJUU1JTg2JThEJUU2JTk1JUI0JUU1JTkwJTg4JUU1JThEJUIwJUU1JUJBJUE2JUU4JUIyJUI4JUU2JUFDJUJFJTIwLSUyMCVFNiU5RCVCMSVFNiU5NiVCOSVFNiU5NyVBNSVFNSVBMCVCMSIsInVzZXJfdGRfdXJsIjoiaHR0cHM6Ly9vcmllbnRhbGRhaWx5Lm9uLmNjL2NvbnRlbnQvJUU3JTk0JUEyJUU3JUI2JTkzL29kbi0yMDIyMDYzMC0wNjMwXzAwMjAyXzAzNS8lRTYlQjglQTMlRTYlODklOTMlRTYlOTMlQUMlRTUlODYlOEQlRTYlOTUlQjQlRTUlOTAlODglRTUlOEQlQjAlRTUlQkElQTYlRTglQjIlQjglRTYlQUMlQkUiLCJ1c2VyX3RkX3BsYXRmb3JtIjoiV2luMzIiLCJ1c2VyX3RkX2hvc3QiOiJvcmllbnRhbGRhaWx5Lm9uLmNjIiwidXNlcl9kZXZpY2UiOiJwYyIsInVzZXJfdGltZSI6MTY1NjU4MDc3MTczNSwiZnJ1aXRfYm94X3Bvc2l0aW9uIjoiIiwiZnJ1aXRfc3R5bGUiOiIifQ==&callback=_p6_96aa46d818b0
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/orientaldaily_hk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: fad626d16534695b831ff183de1c5fda2de8f081c23b790313a75b786063b416

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:32 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.13.5
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

GET
H/1.1 200
OK popin_discovery5-min.js Show response
api.popin.cc/ 154 KB
42 KB 1006ms
503ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/orientaldaily_hk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 77d3a6b19e6eac0ab89be6d6d6754ca0fd0ee47beb8b39350ecc6b534ee95281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:19:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 May 2022 05:04:08 GMT
Server: nginx
ETag: W/"455b85d8c8e61303fd231d2415058c18"
X-Cache-Status: HIT from 10.252.55.44
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: 7goFykhV809rshrE2QHSfol2kmepeVDO
Expires: Thu, 30 Jun 2022 10:19:32 GMT

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 1036ms
257ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxMywidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAzLjAuNTA2MC41MyBTYWZhcmkvNTM3LjM2Iiwicl91cmwiOiJodHRwczovL29yaWVudGFsZGFpbHkub24uY2MvY29udGVudC8lRTclOTQlQTIlRTclQjYlOTMvb2RuLTIwMjIwNjMwLTA2MzBfMDAyMDJfMDM1LyVFNiVCOCVBMyVFNiU4OSU5MyVFNiU5MyVBQyVFNSU4NiU4RCVFNiU5NSVCNCVFNSU5MCU4OCVFNSU4RCVCMCVFNSVCQSVBNiVFOCVCMiVCOCVFNiVBQyVCRSJ9&t=1656580771731
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:19:32 GMT
Last-Modified: Thu, 13 Dec 2018 07:19:53 GMT
Server: nginx/1.13.5
ETag: "5c120819-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 1051ms
266ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAzLjAuNTA2MC41MyBTYWZhcmkvNTM3LjM2IiwiYXBpX2hvc3QiOiJoay5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJvcmllbnRhbGRhaWx5Lm9uLmNjX2hrIiwidXJsIjoiaHR0cHM6Ly9vcmllbnRhbGRhaWx5Lm9uLmNjL2NvbnRlbnQvJUU3JTk0JUEyJUU3JUI2JTkzL29kbi0yMDIyMDYzMC0wNjMwXzAwMjAyXzAzNS8lRTYlQjglQTMlRTYlODklOTMlRTYlOTMlQUMlRTUlODYlOEQlRTYlOTUlQjQlRTUlOTAlODglRTUlOEQlQjAlRTUlQkElQTYlRTglQjIlQjglRTYlQUMlQkUiLCJsb2MiOiJodHRwczovL29yaWVudGFsZGFpbHkub24uY2MvY29udGVudC8lRTclOTQlQTIlRTclQjYlOTMvb2RuLTIwMjIwNjMwLTA2MzBfMDAyMDJfMDM1LyVFNiVCOCVBMyVFNiU4OSU5MyVFNiU5MyVBQyVFNSU4NiU4RCVFNiU5NSVCNCVFNSU5MCU4OCVFNSU4RCVCMCVFNSVCQSVBNiVFOCVCMiVCOCVFNiVBQyVCRSJ9&t=1656580771738
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:19:32 GMT
Last-Modified: Thu, 13 Dec 2018 07:19:53 GMT
Server: nginx/1.13.5
ETag: "5c120819-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 1051ms
260ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJhcGlfaG9zdCI6ImhrLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Im9yaWVudGFsZGFpbHkub24uY2NfaGsiLCJ1cmwiOiJodHRwczovL29yaWVudGFsZGFpbHkub24uY2MvY29udGVudC8lRTclOTQlQTIlRTclQjYlOTMvb2RuLTIwMjIwNjMwLTA2MzBfMDAyMDJfMDM1LyVFNiVCOCVBMyVFNiU4OSU5MyVFNiU5MyVBQyVFNSU4NiU4RCVFNiU5NSVCNCVFNSU5MCU4OCVFNSU4RCVCMCVFNSVCQSVBNiVFOCVCMiVCOCVFNiVBQyVCRSIsInVpZCI6IjFmNTU2NWQ4ZDdjMjE4NDU1NzAxNjU2NTgwNzcxNzM0IiwidGRfdGl0bGUiOiIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6NiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDMuMC41MDYwIn0=&t=1656580771740
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:19:32 GMT
Last-Modified: Mon, 07 Jan 2019 09:48:08 GMT
Server: nginx/1.13.5
ETag: "5c332058-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BE56 624 B
297 B 50ms
50ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNVWgDnTu3anM0HL8wTL7S2LpjKYGybFNqEZAxGzmcKVw5Or6hxtaKpxYFR4YLKRmQWC-_EQRpTM7kIw7RsA61RbLDcbOUxInPm4KGdwztqhfUzufKjQFZebykE4tzkrs6rNqgEA7pE1CqAu-OCD03jkNyS6ys7OaH6A5i9gSnE1i2uL_qI

Requested by

Host: 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com
URL: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:19:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D251 77 KB
32 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AGikSJ911cSx2NBH150nFVJbSHQWUpiUf-GEi2zhK_1GZxOCOB9sXi39MeBLhE4xuuBkMhaqPOMi4FBMPBUX58NJxAHeAoD28tw6AEA8MaXYLzqi-UOBXG0uQH0CljkkjyotT7ZRzwv7hpaO6Q3-J8pXB1Mg&dbm_d=AKAmf-DN4buVt92RvRQx8b5YPm6yXL1Hm-RE02Cn3HBjsLHTeZ1DFAs0GNn0Mk6PWgNfE4YlmOBiLHs2kEf5nfAn9EyvLGx89dYi0Mly9wGz3CRNsoadjJAYZCHMIkA7Hm9rr7ItSSNA-OnTbUQ_ltxB4LXziYweX_oYhWCjyit5Hzu3VmW996RR6DuEmMJnZYBuPmJPAs8Iior3tZXj2R8InQQRUssW2YIpKFEljOsIt2IE6cnYt0qk31G3FLgtPS6VmPMz1pm6luzh4ssBavZwivgAKkpwikzLEGjwVGfM2I6MKGl7mJJx5TKDW06zd6ItQoBNigLHZAtqR94KfXBalvZ1rndQNuRiDGDOFOVysaKFvdaHbWJ28bZSWcE2aPPZU9Lhef3uaRC7AyqK5VVw0cuHkGkZ9NbRgouCnTl5kkunNV1amx3LZsNwawzZx8HaJzq8kOwkNlubCsZHak3DuvDS39GytOgHBuU5DOIfmxLC2t1keJUg8pSpR7EWxsU0r_N0fJqwFLgFnCPMBsT9vbORp4E8yU9krb8C0Ankkz181buhC30hpHnAIJzcYPlhd_4OH_FWNJR60tJARYfvuobvO2IKisYg3zhPKLK5_4OeGEjFb8ub1D71m8MM0g4krLzkTY5EQA6YUv48nUMSbMZA5ajWGcMvfIwWC0PQH-0EmR8Cp8B2f0VmUMRgjyhzk91nheR3T2lFbBm8h2542yLNbsnkh1oUHQftJpBfaFTA5PR0dkC7B_gj_ccAVpvIQ4YCcPCqLluKLMHvDyDk3A_0xzGbWaiWlooijoZkfe3j_br9wvKi-tLJz4mMjIjhuVoX7IoOdy528eMJCBuZb-PLucOMfi85TwCuvGS9cBeoVBNKZ3FuKa0F3kHWXsD3RN3EBsy-Kya-cqjMmGj6pxmzddxUaZTna1TGq2iwOtim9wwxtJfwu35sbyXKhfewqvkUq93auKSvlXPoPf0uGr8E8ZFEwCsYnFFeZKVvbnyNiv4MwTSJkT5zsoBwJWl_au283qfJOxwSavjvavqxRqBr1H1M_y9cfNBrTyEgjfY0kkXFE1yXRGn4-tI94_Tq68YS7PhOnEOcw9p9_WoTfdsmXSxrYAtr2DxeXXnttCNhckINesz7ri3f5VrYYuUeDJ8iFrfxwYY3oLWf7YPDUm48GrXoKuG2r3ZL9nT0ibdwxOC35fEbJaY1ZMju7NXY6QA7WI_nQASY9AuzhJr4N1XAjBXAxRemHIlglZCXsUn6MbC3Szaw8rxNSQYj7ZNl1Hgj5gi38FADka4cSnh-vYCJD828GXGL1SqOGEm9VxSImNMftDrYJvckLCbrOOjItfhXGMWdvlCLf2vH86gCbrzUfr9GaDV7uTNjBFi8zewJM9LKS4WUIQ30_EUiEVLDy0vy3acqxtgvCHNy5iCq3kk1lXjHIAzae3NXq8jArcETODttRFULPoD7On6bF6xfWQCNmnU7PHlforh8oTCU2cOO03TBAwOd3AlUuvi-uiIkO56tG8rnkntEulQjltclbp87wHjCjU8nZshirtC_ROu2GsF42k5mtB7y0h7dIO0_CJ9cFwWzJvUWu2ozmf34YFSNVTXKWCHdgEVPxAWpckiIUx2LhbLg3r6UdHE9Zatq7h1ZX2W3c2eHQpiBfI4zE2wX3myAzqxvcHS8oLvrUpbbtqOB1fdpWUmmNmEb7_6RJbPFMNCyi_cfgjg9IZYefD5gOMTEobdB5n_uHyJaU8ey32uearIi0PXyEPmoJW0IRgZSh6izhxXQxkxi2TwwIW3enWY4lB2i5X4u892rNP3KKQd_fdr3zNMYltJs1XP80G2I7hsW36cNRrAEubR18v3V4Zn-82mFIjQJgSRKgnLP-1Nu0UulXNN0fql0rt21gUDaeAqTjBSjEaofzL3svL8dX0rrrqKi0Rk9xHiNIMf6DN5680tkVN_0YhyShazpCoON1AHF6gTnUMfuFJ9fRN-cRwPvyQ3iQ_3g-_2FT_IF8efiySTY2rwWeBVkeh-7oaabM-BlcJnWlX2iAUpDwtxJL_oWktrE8YRzXlrVo1zKGMmVYBTGem9B_e3GTxVsh5HYrL28OZXP4V72FFbxnuQFWJZ0HeiGNgBFmc-WdxPbLomuX58UTYuUd5EJtb0nkzAPWH502SsD0PFZbJcVIUmiPBnaZgyITmmerP8sjM80jF18osQwLkhXNnGa9f47PFqJTWq7sNOr67Gzgb6qe8myTEVjLFI2Mo5O6FYoqM6p2ZiyLxCZ_mWL6bWbUgtxeDgoIKADF_KXOJVHAV4BE9l_BxjGy1fBElPIVcBmzcPGMGDZvnj0FERzZ2tEVRSDOMfIWJtoJcsSoy1yp1j_nZskYKOppUl3ELzU9zyt0277Nspkbo08jy8o8WMNMkv99JZXy7_zfpIEDMN42lKIIz7y2X9PBiO-kfoz91LmgLQmd9kRYgiAGhRJBINd3yColG6fTRcXWLTiCwM6jCWVjnEwS-n87qZWAuTvuUQhBE_RLqlxn5nrmMyvxnhL8whB6t7jpxD-we-ijZJblDs1vZHolClTr3w8Z6ol4AXp1puI4oHnX6rOqvcTEyk6xAYFaGf21J3iDFvuFA-LfUDs05mCpOZjsqmaAg5L-Y-0EKSNHJRhiMfXmnUqGy0JQvDWYReha3sxNaLD1cfQW9KBl16J788vwlIlwl672oeMu4hBK2P_0S4c0MYa3gVvO4fGRYLZZiZj3PgINjeKXmrgpDQhXDQMQh0ieg1CaglLNizkgIJsgoZrOs7M27pr1i_J1B3z-z1KNYB-vt7DTSu9hvGt9m5WeCxn1_vEbFVVVBlp4GnvBHkLraFEsYYesZreblaDngXo6UVcEXA7S6FURW-v3_Uqdzu4rNjJkXq6h4oaDqV-Wryj0_8VcDhZUR19RsF6ZvouA8jjkzmJNHHrs-tkvPGXVNHobUF6DdeC7SZIsUOxgIHft0MnPQEr-rAw_HinE7gR6S9t6NybLs9go60-u4hXyURNRIT82ZOcWx0CAobDMaKTGWUWn371TuPbPIvNXNISAXEA5EUAtzlaHulHiAsiYsP7XYvu81uELPjctgv54JLqRt8YkJzdRm710sC4XN5RwOjF5WswPGxR1-CVnsc_5s3WGjPFXCY1DzlrxQ79KBOwCmEXfjXCuLR70PmSVJWuaqQsMNCokZyP1Ow1LKEY10aYE6TXWSsfxB7wTKx3elTLT6Mda6JVpIKIcvWR-aSjy4qdIj33UAKu0enzC6k8YnUaB29EZXWSTFxvmg4tKTjuIQklsDQ3a68MCqT5WIz13MQVOYh1mY3BOmYfpuhgVH9meYPPWUvfHc8HSoowTzl3Oq83AfzeSzpXd6tlB0rfpgjB2owoYMjKoTgXJmmh&cid=CAASJORo7jaSwsByKtaLUapDJsELEHKVhqYCxKLmpFc285r9POXdVA&rfl=1%2Chttps%253A%252F%252Forientaldaily.on.cc%252Fcontent%252F%2525E7%252594%2525A2%2525E7%2525B6%252593%252Fodn-20220630-0630_00202_035%252F%2525E6%2525B8%2525A3%2525E6%252589%252593%2525E6%252593%2525AC%2525E5%252586%25258D%2525E6%252595%2525B4%2525E5%252590%252588%2525E5%25258D%2525B0%2525E5%2525BA%2525A6%2525E8%2525B2%2525B8%2525E6%2525AC%2525BE%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0562ee2f57eca269e43d5dca6e3ca8b5f6351210c5ce5bcc2baaaac68817d15d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33094
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D251 42 B
63 B 69ms
69ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DHenE5Buc1NOTH0i9ulm731pXK8B0P5LK1OGiISI0VghY_7DCD5gcSDFQGK8wOQXFAtbAdRTQQ0fnmF_PRWtXBNR8gNENN9Wyhd4JoArdT0IXBCbc

Requested by

Host: 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com
URL: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame D251 3 KB
1 KB 154ms
50ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/window_focus_fy2021.js

Requested by

Host: 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com
URL: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:18:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D251 138 KB
43 KB 180ms
76ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com
URL: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 09:19:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame D251 17 KB
8 KB 142ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com
URL: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:11:05 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BE56
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9UFAIZJD0gd94CDXkKtjU&google_cver=1

43 B
909 B

64ms
44ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9UFAIZJD0gd94CDXkKtjU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNVWgDnTu3anM0HL8wTL7S2LpjKYGybFNqEZAxGzmcKVw5Or6hxtaKpxYFR4YLKRmQWC-_EQRpTM7kIw7RsA61RbLDcbOUxInPm4KGdwztqhfUzufKjQFZebykE4tzkrs6rNqgEA7pE1CqAu-OCD03jkNyS6ys7OaH6A5i9gSnE1i2uL_qI
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 7235d2216f389b94-FRA
pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBmPE%2BceZ%2Bg9Mk9uMXDRLIvidDhLVxDNCeQ4TivqFCxs02rqrievmt7t8dOIFoSAOew5Q%2F8ZomJdCqvcG6v3CdyV0OqCdFZXGkBXKgWJNAu2ERo2fTjU1JEMa4Iw0WrKZPZA0FcmbRSmqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9UFAIZJD0gd94CDXkKtjU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BE56
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yr1qpNNk3L3R0qlWOLJacgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlLCpYvCfz-t3kW--ILN_E&google_cver=1

43 B
909 B

35ms
35ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlLCpYvCfz-t3kW--ILN_E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNVWgDnTu3anM0HL8wTL7S2LpjKYGybFNqEZAxGzmcKVw5Or6hxtaKpxYFR4YLKRmQWC-_EQRpTM7kIw7RsA61RbLDcbOUxInPm4KGdwztqhfUzufKjQFZebykE4tzkrs6rNqgEA7pE1CqAu-OCD03jkNyS6ys7OaH6A5i9gSnE1i2uL_qI
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 7235d22238c79b94-FRA
pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HIkRe245uuGCNt6M5aAoRJNauZnW7bbhcfyyyU9uXhL71neLit%2FK%2FMJJGXreO4tZLlyATaPO60kgivAC4MoYPPt1DebrLICm5EKKkAEzP%2Bms0TMV1q3pYcKPR1c20DX%2FNV4h%2FCFxwi3aDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlLCpYvCfz-t3kW--ILN_E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BE56
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBkElOiDQRRL8Wx4denM9fE&google_cver=1

43 B
1020 B

41ms
19ms

Image
image/gif

185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBkElOiDQRRL8Wx4denM9fE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNVWgDnTu3anM0HL8wTL7S2LpjKYGybFNqEZAxGzmcKVw5Or6hxtaKpxYFR4YLKRmQWC-_EQRpTM7kIw7RsA61RbLDcbOUxInPm4KGdwztqhfUzufKjQFZebykE4tzkrs6rNqgEA7pE1CqAu-OCD03jkNyS6ys7OaH6A5i9gSnE1i2uL_qI

Protocol

HTTP/1.1

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 09:19:32 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 59b48775-b4ab-4a8d-aa03-da10ef7e7e12
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBkElOiDQRRL8Wx4denM9fE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BE56
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxNDE3MDg4ODY5NzY1MDMxOQ%3D%3D

170 B
188 B

118ms
46ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxNDE3MDg4ODY5NzY1MDMxOQ%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 09:19:32 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f216520a-f5ef-4d5f-aa04-dd28cd8ecc8b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxNDE3MDg4ODY5NzY1MDMxOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame D251 106 KB
38 KB 148ms
33ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/
Origin: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Jul 2022 09:09:21 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/elements/html/ Frame D251 8 KB
3 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AGikSJ911cSx2NBH150nFVJbSHQWUpiUf-GEi2zhK_1GZxOCOB9sXi39MeBLhE4xuuBkMhaqPOMi4FBMPBUX58NJxAHeAoD28tw6AEA8MaXYLzqi-UOBXG0uQH0CljkkjyotT7ZRzwv7hpaO6Q3-J8pXB1Mg&dbm_d=AKAmf-DN4buVt92RvRQx8b5YPm6yXL1Hm-RE02Cn3HBjsLHTeZ1DFAs0GNn0Mk6PWgNfE4YlmOBiLHs2kEf5nfAn9EyvLGx89dYi0Mly9wGz3CRNsoadjJAYZCHMIkA7Hm9rr7ItSSNA-OnTbUQ_ltxB4LXziYweX_oYhWCjyit5Hzu3VmW996RR6DuEmMJnZYBuPmJPAs8Iior3tZXj2R8InQQRUssW2YIpKFEljOsIt2IE6cnYt0qk31G3FLgtPS6VmPMz1pm6luzh4ssBavZwivgAKkpwikzLEGjwVGfM2I6MKGl7mJJx5TKDW06zd6ItQoBNigLHZAtqR94KfXBalvZ1rndQNuRiDGDOFOVysaKFvdaHbWJ28bZSWcE2aPPZU9Lhef3uaRC7AyqK5VVw0cuHkGkZ9NbRgouCnTl5kkunNV1amx3LZsNwawzZx8HaJzq8kOwkNlubCsZHak3DuvDS39GytOgHBuU5DOIfmxLC2t1keJUg8pSpR7EWxsU0r_N0fJqwFLgFnCPMBsT9vbORp4E8yU9krb8C0Ankkz181buhC30hpHnAIJzcYPlhd_4OH_FWNJR60tJARYfvuobvO2IKisYg3zhPKLK5_4OeGEjFb8ub1D71m8MM0g4krLzkTY5EQA6YUv48nUMSbMZA5ajWGcMvfIwWC0PQH-0EmR8Cp8B2f0VmUMRgjyhzk91nheR3T2lFbBm8h2542yLNbsnkh1oUHQftJpBfaFTA5PR0dkC7B_gj_ccAVpvIQ4YCcPCqLluKLMHvDyDk3A_0xzGbWaiWlooijoZkfe3j_br9wvKi-tLJz4mMjIjhuVoX7IoOdy528eMJCBuZb-PLucOMfi85TwCuvGS9cBeoVBNKZ3FuKa0F3kHWXsD3RN3EBsy-Kya-cqjMmGj6pxmzddxUaZTna1TGq2iwOtim9wwxtJfwu35sbyXKhfewqvkUq93auKSvlXPoPf0uGr8E8ZFEwCsYnFFeZKVvbnyNiv4MwTSJkT5zsoBwJWl_au283qfJOxwSavjvavqxRqBr1H1M_y9cfNBrTyEgjfY0kkXFE1yXRGn4-tI94_Tq68YS7PhOnEOcw9p9_WoTfdsmXSxrYAtr2DxeXXnttCNhckINesz7ri3f5VrYYuUeDJ8iFrfxwYY3oLWf7YPDUm48GrXoKuG2r3ZL9nT0ibdwxOC35fEbJaY1ZMju7NXY6QA7WI_nQASY9AuzhJr4N1XAjBXAxRemHIlglZCXsUn6MbC3Szaw8rxNSQYj7ZNl1Hgj5gi38FADka4cSnh-vYCJD828GXGL1SqOGEm9VxSImNMftDrYJvckLCbrOOjItfhXGMWdvlCLf2vH86gCbrzUfr9GaDV7uTNjBFi8zewJM9LKS4WUIQ30_EUiEVLDy0vy3acqxtgvCHNy5iCq3kk1lXjHIAzae3NXq8jArcETODttRFULPoD7On6bF6xfWQCNmnU7PHlforh8oTCU2cOO03TBAwOd3AlUuvi-uiIkO56tG8rnkntEulQjltclbp87wHjCjU8nZshirtC_ROu2GsF42k5mtB7y0h7dIO0_CJ9cFwWzJvUWu2ozmf34YFSNVTXKWCHdgEVPxAWpckiIUx2LhbLg3r6UdHE9Zatq7h1ZX2W3c2eHQpiBfI4zE2wX3myAzqxvcHS8oLvrUpbbtqOB1fdpWUmmNmEb7_6RJbPFMNCyi_cfgjg9IZYefD5gOMTEobdB5n_uHyJaU8ey32uearIi0PXyEPmoJW0IRgZSh6izhxXQxkxi2TwwIW3enWY4lB2i5X4u892rNP3KKQd_fdr3zNMYltJs1XP80G2I7hsW36cNRrAEubR18v3V4Zn-82mFIjQJgSRKgnLP-1Nu0UulXNN0fql0rt21gUDaeAqTjBSjEaofzL3svL8dX0rrrqKi0Rk9xHiNIMf6DN5680tkVN_0YhyShazpCoON1AHF6gTnUMfuFJ9fRN-cRwPvyQ3iQ_3g-_2FT_IF8efiySTY2rwWeBVkeh-7oaabM-BlcJnWlX2iAUpDwtxJL_oWktrE8YRzXlrVo1zKGMmVYBTGem9B_e3GTxVsh5HYrL28OZXP4V72FFbxnuQFWJZ0HeiGNgBFmc-WdxPbLomuX58UTYuUd5EJtb0nkzAPWH502SsD0PFZbJcVIUmiPBnaZgyITmmerP8sjM80jF18osQwLkhXNnGa9f47PFqJTWq7sNOr67Gzgb6qe8myTEVjLFI2Mo5O6FYoqM6p2ZiyLxCZ_mWL6bWbUgtxeDgoIKADF_KXOJVHAV4BE9l_BxjGy1fBElPIVcBmzcPGMGDZvnj0FERzZ2tEVRSDOMfIWJtoJcsSoy1yp1j_nZskYKOppUl3ELzU9zyt0277Nspkbo08jy8o8WMNMkv99JZXy7_zfpIEDMN42lKIIz7y2X9PBiO-kfoz91LmgLQmd9kRYgiAGhRJBINd3yColG6fTRcXWLTiCwM6jCWVjnEwS-n87qZWAuTvuUQhBE_RLqlxn5nrmMyvxnhL8whB6t7jpxD-we-ijZJblDs1vZHolClTr3w8Z6ol4AXp1puI4oHnX6rOqvcTEyk6xAYFaGf21J3iDFvuFA-LfUDs05mCpOZjsqmaAg5L-Y-0EKSNHJRhiMfXmnUqGy0JQvDWYReha3sxNaLD1cfQW9KBl16J788vwlIlwl672oeMu4hBK2P_0S4c0MYa3gVvO4fGRYLZZiZj3PgINjeKXmrgpDQhXDQMQh0ieg1CaglLNizkgIJsgoZrOs7M27pr1i_J1B3z-z1KNYB-vt7DTSu9hvGt9m5WeCxn1_vEbFVVVBlp4GnvBHkLraFEsYYesZreblaDngXo6UVcEXA7S6FURW-v3_Uqdzu4rNjJkXq6h4oaDqV-Wryj0_8VcDhZUR19RsF6ZvouA8jjkzmJNHHrs-tkvPGXVNHobUF6DdeC7SZIsUOxgIHft0MnPQEr-rAw_HinE7gR6S9t6NybLs9go60-u4hXyURNRIT82ZOcWx0CAobDMaKTGWUWn371TuPbPIvNXNISAXEA5EUAtzlaHulHiAsiYsP7XYvu81uELPjctgv54JLqRt8YkJzdRm710sC4XN5RwOjF5WswPGxR1-CVnsc_5s3WGjPFXCY1DzlrxQ79KBOwCmEXfjXCuLR70PmSVJWuaqQsMNCokZyP1Ow1LKEY10aYE6TXWSsfxB7wTKx3elTLT6Mda6JVpIKIcvWR-aSjy4qdIj33UAKu0enzC6k8YnUaB29EZXWSTFxvmg4tKTjuIQklsDQ3a68MCqT5WIz13MQVOYh1mY3BOmYfpuhgVH9meYPPWUvfHc8HSoowTzl3Oq83AfzeSzpXd6tlB0rfpgjB2owoYMjKoTgXJmmh&cid=CAASJORo7jaSwsByKtaLUapDJsELEHKVhqYCxKLmpFc285r9POXdVA&rfl=1%2Chttps%253A%252F%252Forientaldaily.on.cc%252Fcontent%252F%2525E7%252594%2525A2%2525E7%2525B6%252593%252Fodn-20220630-0630_00202_035%252F%2525E6%2525B8%2525A3%2525E6%252589%252593%2525E6%252593%2525AC%2525E5%252586%25258D%2525E6%252595%2525B4%2525E5%252590%252588%2525E5%25258D%2525B0%2525E5%2525BA%2525A6%2525E8%2525B2%2525B8%2525E6%2525AC%2525BE%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:14:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:14:34 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/ Frame D251 27 KB
10 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:13:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC0A 42 B
63 B 73ms
69ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AIPkUueAj7SRX-4yWSS4lqtKO70-EJp3I2DDUfyu3EZdtCy-qEfu6KMt2vFbSMuAAnp4tDOgQR5pTEJ493-MzTMB7dU6DaJ_4Z3CRDjAGEhBvqqsE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=90&slotname=4687187148&adk=190292511&adf=2300459119&pi=t.ma~as.4687187148&w=728&lmt=1656580771&psa=0&format=728x90&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580771493&bpp=2&bdt=5060&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1eb916856b026e57%3AT%3D1656580769%3AS%3DALNI_MZFHAHy4KvX4pXnahAxZK-0FK5pFw&prev_fmts=0x0&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&pvsid=203634787387024&tmod=726087036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&fsb=1&xpc=Oqgf4LTKww&p=https%3A//orientaldaily.on.cc&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame FC0A 3 KB
1 KB 142ms
65ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 04:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15596
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 04:59:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FC0A 138 KB
42 KB 125ms
50ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 09:19:32 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame FC0A 17 KB
7 KB 116ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92cc22507e69f2baa9a37f4dd7767bad45f4531a1667fd8cfb0665dd7bfd52d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 08:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7350
x-xss-protection: 0
server: cafe
etag: 4581267900612465077
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 08:38:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FC0A 0
0 141ms
52ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSRmFwei5_iZrZtFCcwMZAJv7vkkwyp4DZNAW3_bZHK031ORAB5eIHG-IIsOdn06BXqkeRyDGn4g5ltukPxUfc-635SBQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=90&slotname=4687187148&adk=190292511&adf=2300459119&pi=t.ma~as.4687187148&w=728&lmt=1656580771&psa=0&format=728x90&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580771493&bpp=2&bdt=5060&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1eb916856b026e57%3AT%3D1656580769%3AS%3DALNI_MZFHAHy4KvX4pXnahAxZK-0FK5pFw&prev_fmts=0x0&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&pvsid=203634787387024&tmod=726087036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&fsb=1&xpc=Oqgf4LTKww&p=https%3A//orientaldaily.on.cc&dtd=11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0F9E 624 B
297 B 51ms
50ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGLGA07UBMAE&v=APEucNVa6YqCAkQ54oaWZuw0aVE-Ot62HXmCR-NoZLmcG2kIc4az6o-w7jqvKax2K0GfcpChY5pcBqLcAv-2ILKOD2UG-cRMdKhl7yZ5_LpTRsXx0vheWM-ZZSRWZJbnjXnMSVd3J2AhCBB4fIi-rv5MQyRY0pSwTi4byqRgVV5JpKGxkETbhnA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=90&slotname=4687187148&adk=190292511&adf=2300459119&pi=t.ma~as.4687187148&w=728&lmt=1656580771&psa=0&format=728x90&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580771493&bpp=2&bdt=5060&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1eb916856b026e57%3AT%3D1656580769%3AS%3DALNI_MZFHAHy4KvX4pXnahAxZK-0FK5pFw&prev_fmts=0x0&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&pvsid=203634787387024&tmod=726087036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&fsb=1&xpc=Oqgf4LTKww&p=https%3A//orientaldaily.on.cc&dtd=11
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:19:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FC0A 78 KB
33 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2JOirLnMFH8ntnTJIOovI8e4yACQKgYl7gGUmFWaIgEF1dA9LPFBeROCzqN29d40jZ_156g1d3rzq1runTM60deSlvlr453qPPgxeIBCuIoKsiCY_JOLB_49nhOV3e4OBiHlErNfh4NFNywUVELi5sPVsGQ&dbm_d=AKAmf-B5DmzKufU7V1K698jn9jillMEKvtU0riLtq8-y352Bn1iMMtZN3q8x85TKMD8vraNmHaSHr2LptPof1VOQrKf1HwlMZ83LOnrhvW5xPphiX2IwqT4j4zXJuHSnvpspPlmpt_gs8yDGsNy-uaQBEOpKI2FKlE1EkRA5UUC41GoAqBKMZYuOXAnGcQPiKMM7Ia3HzkEfuB1FM-4pGcZbFO8LAqCH6kzV1L-iEaAg8aHNjAUQqNl9IZulJgo2HNuUtT344jOnvFEyYvu5PF-AG1MqY2YKShSvPRtBRnwFxZoz2whZAdHeCKDf68BM0AW7ZirgaGuD9RrI6yKFmLChyLFweBl4BO3ruJCx0JFPl2pSYRBtVHi3uBkp6AYLicPC-71gSX_nSE73CNlpPAHKhKp9WM9-JD1DWe8-bfvSraoAu3or3ANlIpdAZFKTDoZGrnacVBiAN6SZEmZ3XoOmjDPGY4OYLDqUx808gPS4DvUxG5T7o-kT-MA8QRwsZrrszVwiOEnEFGanXYFiAqDk4Iw7z0w9Q8MslPCDLhS6jcnOfO14xLOsHLAIxjZVXQXQzJq-QAAu8BF2mmMR2gdkfhR93eo27QRJQ3KZhu6JEziOllMAiVZpSAhHYH_8pQOrqeZNB96OMT-CzkeSMzVmWzaTwmHo0I7BzjUw2PKa26ycAv_eZBu2gpXK1El7NXD3iqUheWUjHBY8dX04sEcK6MaB3ArRwg6tSB6vr99hBJYWajyNXktNqfVBEeXCuzVHSHT-J3pPo9C8GZHgl8ieVdTAgF9Gs3NWlEghcqgRCGa5cIFEuIVipkAxcuBeLtDCppwjEwSqb_vfb5Qy70oWS1z0Niac2KZR6LRJcqhKDvLQO_WoIzgRpZoel2P5fG4UmziCFAyZjuwaiqSwVT8ATw0MICDmGhpykeg01jp-AbxXO7h0klukM7PXGI41vHVsMt5WAYUfawdNdVzIcanjrF0nVgN0XMrb8YOnZ_D4bv_JIvcB6-s004eInbpvUVNvwx9pfGtJWeQWH-CAngamqhmXqQrpEW6zTQbb2A8euD2IVOBGu2_WlyFRQixQRceFjHejUmWgprkfLxQXd7-jprmR4sUYeyOS4ULfvvE2aZbQgeERNs9MAd70m6L8FI1soJLYDQiVmW35g1RxRP2EKgVx7ZPsek56xUoxp9l_ekhOTkgAbWawZgGxgdNlU_SJqtqO-9udG53_wH3-NDpKCf9WG75iTzTQL5jBQTfah69qkmqCY2DHFyJ50lUpPou8XvdTmpFDspE-azWnwM0NzvvhP7NJ3yFFn7WlcaCzZ1i5D8GsBe6Rq6ii9WBnSi4zFBfAOQ87xl3fI7n3tt7Yl3VEvkviqp6CwCq8XgEXg6Qi-fWtNeLYSkVuLlp78a0RtgQfCt-o2drBBeQWkbBytG2lImqu6rFkE6uCYAX8Bn8qxqf2_9fxv_G4aOHvYJTVbokbgINHlmV-kmyzyLn0VYx0XTL2IxHr1FAQw9SpOY96aXQjEE80tq-wxUm4bYY80AY1uIrVvwCCfvoGxQL_1CRNcwgcO08ywOX6eVclr5uyDHyOwckBhNS8Kc_5_I2yIKtRQqH0NiURcP9btoN8xH5ovGPTARhTfvYLJUMhLFQ63IjMVFmahKTYOpEQZ_8HQhrjFmIoSkK5piPSB8A_Wj6_YAhpEqF5mJNDNw8rVHlKvJQnAhV0F4qxAhB6_HxaG77P5wu_QvtQiglkvhdt2VhlBy5fVKTaF8Id2y8Zof-ofXxVoJtyPIkWoXA2ITq9Uec4q4U4Lkpik8sAXvicpXnbvkaaBOzh3WnRy3W2FU1q_4pvD8W9c86uKRB6zi-vGOWbFNPd76tuiePV6DaetktnhVR4dONHEOVTBU5XPVdW0pnR2d3g3W2wVtQyLTfhpMoGTjMOXiwWLOGj72wYZjzXXG10VKMP-OrkUeYb5jbgZ7gAX7IxcqEL_JC77vs34O62EKPuq66GcqIl0pC7EQRNQndGADH9-3WEPkZU6LjccKVNvS3SCjp2QpjnyLJvIohnhbXClAUwGFCv1xCnk9raOh1pysWM_DvS63iW9Ta3ChgkZ_dE3PrnzR3T_XDfpTJZej3iV40uVgQDbbx7X6ItDbBuiENdtrLbj2OlxjBwcgpS2I5G7S0qB9X1jt7V6C-USlyyQvLKk3gJmoKHaLPYbA8HISStT7LYBbk9_6_BouLIClmeeGSut-mucirs10wMqQIMggVxWwYhIuk0ag3K94whKFIqnEtrjhcTBdxk8jv7qNEoxqdqNH6DxwjldigiVb-q2CZP8VWtBdIg-IjD1Uuyav82qJreHYo-06KsLTvLVW0KhCBJw9uu17nEoiltCwlz8YonKj-UIb-q_dCmfUaiIl7IjySLOlVSaHipKtuHfzua43NOyDoYvtrtl896YF4WNgaslEvt8kEOjjDKNKbviXVZXzYZrwdcuu1-amldzysWEEL6C95tM0y55h7lD-nG22y8VFf6zpjP-yHLQHAEsdAXRmY-agqLyZ1vDQtmjL1RljHeOzihlHRJht71-6zx5x6rnS5HpKyVLn6JUh4WV9kD2dN9fWP5G2cTQCJ9kMcJgxH-_Vmaxrkje-Ffz9w8hmc1u33ZBXBQ-o4BW34EghoAeV9cPyGTpDTjZdB5PtjQt0k8Ug0RlRZVbua4j9iHU4HMfofU2gPDgPc_8P7MGP_-8u-r8ACQHDidUFFhAXkORv2PvNxaydntofqtknyjJqk-NvdJrOJooKkLXKof0tEbFgAkiD5HCMECrUqVRT1u2D38DbgRP1zfqyf5Wi4R8R3xy_E3bDYdpcc6fsQi9gX8XK_mC79P-Gf6DcNnQ4xnUhY-VQ1c1Ckp8WSjaVpXtAkbY8hxTjeRzDXQOov1bKCjW9ZYeeCuqcOSi1NZNU3AXr1lvYkQMXptX0UTGaiV8yGJhzINvQX4uTbZ122OOqsKnENvyhcgbrtPQBXYCXuRuAofAGi2Wi-Qvaz5_173tbfhKkAO9rC_ZpUJcNru8150-lh7gGNspXaQZl54X877TRaxIPaoO4V9-tihRqqLBpZH4fil0rr7SonOX0KzGCUHImumJ0GrwUntv7oWq_hklJ_PLGcrIFA1g1D7L0G_kDbWvT_79LrZE_-bD7hPSL-TmJJjNtGwCqdIu3WnBa-e7jNEtUsuNznKsvxQFaY12GNO5EWi1mdePdqU20nN7T758gDKJG0IjBzx60SE42R0R7oNbXlAnJCd4o0RiE3BPh08VBOqqYGH9YVoDTHwILe96P4v0DCFIgU7PMBj6Bs&cid=CAASJORoNKE_p85fenCDEyPpMpzukUAy6bAtuWlLojbEmz4xe8UJtQ&rfl=1%2Chttps%253A%252F%252Forientaldaily.on.cc%252Fcontent%252F%2525E7%252594%2525A2%2525E7%2525B6%252593%252Fodn-20220630-0630_00202_035%252F%2525E6%2525B8%2525A3%2525E6%252589%252593%2525E6%252593%2525AC%2525E5%252586%25258D%2525E6%252595%2525B4%2525E5%252590%252588%2525E5%25258D%2525B0%2525E5%2525BA%2525A6%2525E8%2525B2%2525B8%2525E6%2525AC%2525BE%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad81256e507439c190c10486c1461dbf441701364c44a4b435eec9a536db0d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=90&slotname=4687187148&adk=190292511&adf=2300459119&pi=t.ma~as.4687187148&w=728&lmt=1656580771&psa=0&format=728x90&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580771493&bpp=2&bdt=5060&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1eb916856b026e57%3AT%3D1656580769%3AS%3DALNI_MZFHAHy4KvX4pXnahAxZK-0FK5pFw&prev_fmts=0x0&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&pvsid=203634787387024&tmod=726087036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&fsb=1&xpc=Oqgf4LTKww&p=https%3A//orientaldaily.on.cc&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D251 41 KB
15 KB 102ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com
URL: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 09:09:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0967 1 KB
749 B 41ms
41ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com
URL: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Fri, 01 Jul 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D251 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b93d3e5967f55582e7a0d5ba132316e019653a58e4f33eaf7ecdf9e5332f402a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0F9E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlLCpYvCfz-t3kW--ILN_E&google_cver=1

43 B
916 B

34ms
31ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlLCpYvCfz-t3kW--ILN_E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGLGA07UBMAE&v=APEucNVa6YqCAkQ54oaWZuw0aVE-Ot62HXmCR-NoZLmcG2kIc4az6o-w7jqvKax2K0GfcpChY5pcBqLcAv-2ILKOD2UG-cRMdKhl7yZ5_LpTRsXx0vheWM-ZZSRWZJbnjXnMSVd3J2AhCBB4fIi-rv5MQyRY0pSwTi4byqRgVV5JpKGxkETbhnA
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 7235d22228a09b94-FRA
pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lsEG7ZLpGVdYOjUbSD5E%2Fe1%2F%2Bz%2BXsMkG6juON%2F%2Bs0Dq9afnfn8v0EsWKoKxSKaAyvZ85EnoOQLh%2BmTwCWS5fKdrsH1OXWQMBWphXnB8nknF3yVL2tcnxZPww9xCdph0n9jUF2lhXVm%2B7A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlLCpYvCfz-t3kW--ILN_E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0F9E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yr1qpNNk3L3R0qlWOLJacgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlLCpYvCfz-t3kW--ILN_E&google_cver=1

43 B
908 B

47ms
42ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlLCpYvCfz-t3kW--ILN_E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGLGA07UBMAE&v=APEucNVa6YqCAkQ54oaWZuw0aVE-Ot62HXmCR-NoZLmcG2kIc4az6o-w7jqvKax2K0GfcpChY5pcBqLcAv-2ILKOD2UG-cRMdKhl7yZ5_LpTRsXx0vheWM-ZZSRWZJbnjXnMSVd3J2AhCBB4fIi-rv5MQyRY0pSwTi4byqRgVV5JpKGxkETbhnA
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 7235d222289c9b94-FRA
pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6HKb03KTwxobA86Xdu1sgisqR8T%2BMYdCOdiY6O9fLY%2FpIRi5mqn9AiNCB2PsNjpeevRe7PpTjDZq1M0zpRvIAbKUTNg5x36rGhCo35gMxXsG65qz2mnLsAbdOwfNfVMOAZZaorc5d%2BHOA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlLCpYvCfz-t3kW--ILN_E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0F9E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFNP1PkTlu2jtmpg7LsYeeE&google_cver=1

43 B
1020 B

15ms
14ms

Image
image/gif

185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFNP1PkTlu2jtmpg7LsYeeE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGLGA07UBMAE&v=APEucNVa6YqCAkQ54oaWZuw0aVE-Ot62HXmCR-NoZLmcG2kIc4az6o-w7jqvKax2K0GfcpChY5pcBqLcAv-2ILKOD2UG-cRMdKhl7yZ5_LpTRsXx0vheWM-ZZSRWZJbnjXnMSVd3J2AhCBB4fIi-rv5MQyRY0pSwTi4byqRgVV5JpKGxkETbhnA

Protocol

HTTP/1.1

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 09:19:32 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c522fed3-7878-4bc0-93fd-17007bd0e237
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFNP1PkTlu2jtmpg7LsYeeE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0F9E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxNDE3MDg4ODY5NzY1MDMxOQ%3D%3D

170 B
188 B

85ms
39ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxNDE3MDg4ODY5NzY1MDMxOQ%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 09:19:32 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7d6521c4-873a-403b-9f62-2a8e3ebab2ff
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxNDE3MDg4ODY5NzY1MDMxOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0967
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJvv0bPH9kpiVIBrDGOSixA&google_push=ARnp8GCnnj2NEq513ykQlyaF-QUn2-5AIHgffZrd5XaE7ube30DlPazhli...

170 B
188 B

54ms
49ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJvv0bPH9kpiVIBrDGOSixA&google_push=ARnp8GCnnj2NEq513ykQlyaF-QUn2-5AIHgffZrd5XaE7ube30DlPazhli9lE-7IahAjD3iTIm8SQ3yNBhDlaNlX1OEdO3v5xMBU

Requested by

Host: 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com
URL: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1656580772.112883,VS0,VE89
x-served-by: cache-hhn4082-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJvv0bPH9kpiVIBrDGOSixA&google_push=ARnp8GCnnj2NEq513ykQlyaF-QUn2-5AIHgffZrd5XaE7ube30DlPazhli9lE-7IahAjD3iTIm8SQ3yNBhDlaNlX1OEdO3v5xMBU
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0967
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECrJlSktBesYieliMvXiCGQ&google_cver=1&google_push=ARnp8GCXXB9wv3xzQutC0XK34j6fZsEy93IHecDGX88GX2huBVadOOs4GyQHO-1NoLAL8M3QsK1LtaZLliy3Js...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzExNDk2MDIzODkyNDcyNDM2Ng%3D%3D&google_push=ARnp8GCXXB9wv3xzQutC0XK34j6fZsEy93IHecDGX88GX2huBVadOOs4GyQHO-1NoLAL8M3QsK1LtaZLliy3Js435n...

170 B
188 B

67ms
41ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzExNDk2MDIzODkyNDcyNDM2Ng%3D%3D&google_push=ARnp8GCXXB9wv3xzQutC0XK34j6fZsEy93IHecDGX88GX2huBVadOOs4GyQHO-1NoLAL8M3QsK1LtaZLliy3Js435nLTmM7cdwg

Requested by

Host: 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com
URL: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzExNDk2MDIzODkyNDcyNDM2Ng%3D%3D&google_push=ARnp8GCXXB9wv3xzQutC0XK34j6fZsEy93IHecDGX88GX2huBVadOOs4GyQHO-1NoLAL8M3QsK1LtaZLliy3Js435nLTmM7cdwg
Date: Thu, 30 Jun 2022 09:19:32 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0967
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDITX9t_HaMNlWqfJtGkW-A&google_cver=1&google_push=ARnp8GDkiCtqkIEsOqNdK4c94B96Kx52W9LePpfHGvwtmZbtxyvITLS9aPkwKXVDYTvMNuDD8-gCHKSC7bGAkQz7oZcB...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDITX9t_HaMNlWqfJtGkW-A&google_cver=1&google_push=ARnp8GDkiCtqkIEsOqNdK4c94B96Kx52W9LePpfHGvwtmZbtxyvITLS9aPkwKXVDYTvMNuDD8-gCHKSC7bGAkQ...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=1fcde351-45af-475d-9cd4-f0f709de55ab&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ARnp8GDkiCtqkIEsOqNdK4c94B96Kx52W9LePpfHGvwtmZbtxyvITLS9aPkwKXVDYTvMNuDD8-gCHKSC7bGAkQz7oZcB0WJoCBA&google_hm=bcGY6ECdQJ2pRDe8qd9ztQ==

170 B
188 B

40ms
40ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ARnp8GDkiCtqkIEsOqNdK4c94B96Kx52W9LePpfHGvwtmZbtxyvITLS9aPkwKXVDYTvMNuDD8-gCHKSC7bGAkQz7oZcB0WJoCBA&google_hm=bcGY6ECdQJ2pRDe8qd9ztQ==

Requested by

Host: 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com
URL: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ARnp8GDkiCtqkIEsOqNdK4c94B96Kx52W9LePpfHGvwtmZbtxyvITLS9aPkwKXVDYTvMNuDD8-gCHKSC7bGAkQz7oZcB0WJoCBA&google_hm=bcGY6ECdQJ2pRDe8qd9ztQ==
Date: Thu, 30 Jun 2022 09:19:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0967
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEMxNRo7RT2ZJ6Y5f8hek3w0&google_cver=1&google_push=ARnp8GD8RyMv_eXAPn8MtCTyyQybfooI6hnnCsS_tXu_6j14iKi72EGymUTYyc997m853lYs9b-MBMja6ndD03MtNZx87w4...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMxNRo7RT2ZJ6Y5f8hek3w0&google_cver=1&google_push=ARnp8GD8RyMv_eXAPn8MtCTyyQybfooI6hnnCsS_tXu_6j14iKi72EGymUTYyc997m853lYs9b-MBMja6ndD03MtNZx87...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GD8RyMv_eXAPn8MtCTyyQybfooI6hnnCsS_tXu_6j14iKi72EGymUTYyc997m853lYs9b-MBMja6ndD03MtNZx87w4TYxPj

170 B
188 B

42ms
41ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GD8RyMv_eXAPn8MtCTyyQybfooI6hnnCsS_tXu_6j14iKi72EGymUTYyc997m853lYs9b-MBMja6ndD03MtNZx87w4TYxPj

Requested by

Host: 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com
URL: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GD8RyMv_eXAPn8MtCTyyQybfooI6hnnCsS_tXu_6j14iKi72EGymUTYyc997m853lYs9b-MBMja6ndD03MtNZx87w4TYxPj
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0967
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGwEvU4m8PUS_Wxes_9dVbA&google_cver=1&google_push=ARnp8GAfBdOJWqceTk8E5e8AgjMcsLEULSKHkcsifWcz1CNHfYzq1e-cGcy3LgrDwpFD8B_33WvYj0sU...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGwEvU4m8PUS_Wxes_9dVbA&google_cver=1&google_push=ARnp8GAfBdOJWqceTk8E5e8AgjMcsLEULSKHkcsifWcz1CNHfYzq1e-cGcy3LgrDwpFD8B_33Wv...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE4NzA4MDEyMzkyMTcyNjczNw&google_push=ARnp8GAfBdOJWqceTk8E5e8AgjMcsLEULSKHkcsifWcz1CNHfYzq1e-cGcy3LgrDwpFD8B_33WvYj0...

170 B
188 B

43ms
38ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE4NzA4MDEyMzkyMTcyNjczNw&google_push=ARnp8GAfBdOJWqceTk8E5e8AgjMcsLEULSKHkcsifWcz1CNHfYzq1e-cGcy3LgrDwpFD8B_33WvYj0sUVSvHTIH_pH7A-k0H-0s

Requested by

Host: 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com
URL: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE4NzA4MDEyMzkyMTcyNjczNw&google_push=ARnp8GAfBdOJWqceTk8E5e8AgjMcsLEULSKHkcsifWcz1CNHfYzq1e-cGcy3LgrDwpFD8B_33WvYj0sUVSvHTIH_pH7A-k0H-0s
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0967
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEELgFmxiaM9GlbB2DzFt0ew&google_cver=1&google_push=ARnp8GByj4ES2g4lQduS0ditvjSInJuFEV_o7ZQb_kadkw1ve3IoHnvv_Blknd2OjkoL23enrob...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUwVEY0RVItMVQtTEk1RQ==&google_push=ARnp8GByj4ES2g4lQduS0ditvjSInJuFEV_o7ZQb_kadkw1ve3IoHnvv_Blknd2OjkoL23enrobkAdK1XgHHXSIJJZL4iGlir6az

170 B
188 B

54ms
49ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUwVEY0RVItMVQtTEk1RQ==&google_push=ARnp8GByj4ES2g4lQduS0ditvjSInJuFEV_o7ZQb_kadkw1ve3IoHnvv_Blknd2OjkoL23enrobkAdK1XgHHXSIJJZL4iGlir6az

Requested by

Host: 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com
URL: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUwVEY0RVItMVQtTEk1RQ==&google_push=ARnp8GByj4ES2g4lQduS0ditvjSInJuFEV_o7ZQb_kadkw1ve3IoHnvv_Blknd2OjkoL23enrobkAdK1XgHHXSIJJZL4iGlir6az
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0967
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENLyDRjVJpFnqcWBZw1bRms&google_cver=1&google_push=ARnp8GBl7Vc41PnATk_MHM-DULOXjUodMWXTTldXi9ksAPevLDSMXcf54GXDx_tB6oVd00ykJqm0aTY3pp5uEKvn23J1U0k06PE0
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ARnp8GBl7Vc41PnATk_MHM-DULOXjUodMWXTTldXi9ksAPevLDSMXcf54GXDx_tB6oVd00ykJqm0aTY3pp5uEKvn23J1U0k06PE...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTgzOTI0MzA3NzcxNjMwNDIyMDk5Ng%3D%3D&google_push=ARnp8GBl7Vc41PnATk_MHM-DULOXjUodMWXTTldXi9ksAPevLDSMXcf5...

170 B
188 B

55ms
49ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTgzOTI0MzA3NzcxNjMwNDIyMDk5Ng%3D%3D&google_push=ARnp8GBl7Vc41PnATk_MHM-DULOXjUodMWXTTldXi9ksAPevLDSMXcf54GXDx_tB6oVd00ykJqm0aTY3pp5uEKvn23J1U0k06PE0

Requested by

Host: 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com
URL: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTgzOTI0MzA3NzcxNjMwNDIyMDk5Ng%3D%3D&google_push=ARnp8GBl7Vc41PnATk_MHM-DULOXjUodMWXTTldXi9ksAPevLDSMXcf54GXDx_tB6oVd00ykJqm0aTY3pp5uEKvn23J1U0k06PE0
date: Thu, 30 Jun 2022 09:19:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0967 0
12 B 114ms
45ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LXjPV9_TzJ3mZx2CrXzKRlMvnyDuwOCnU9BJ7oiNPdT_owwTQ_YIDAmeEZGqPi5wXkWnva

Requested by

Host: 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com
URL: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6097948873975918132/300x250/ Frame B306 4 KB
1 KB 131ms
42ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae28ac28af4c43157ac63fb87660eeb34c97ccf6ac4a9c7340ae071a96bbfde4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 156042
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1414
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 13:58:50 GMT
expires: Wed, 28 Jun 2023 13:58:50 GMT
last-modified: Thu, 09 Jun 2022 11:56:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D251 0
622 B 168ms
72ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuq8mVhORoCH3-bg8PYgHZwFo_m3bIXLDhkngNa2kPDNJY90UISD07LiXD36sq0xpS621IAsbV22cnWzzEusHS3U41gHo-Cqqn_q_nwNDaUdCOAJKqGnVua7-4-Dl7pgg_AZ5rUyFxeIiz8jDnXz1u9QEWeEPKyWd42pgTZfcX8eTkuaFOLNgW48fIl2O_cOAMDtTVlzQ24OPXj4pZcQgYb06G0tQ-OV9Ay6_EurkrDlUKgY8j3qWLvrHRRC_OfixYgFKw5gR8ainVyLzN6xmMs_-dboQ_SWGYxKl0CizAo51kzFoYKOIEyb0WmS0WnhAHg1kUFHyS-tfUZEgFiIK09v3yNJA3maRTtf_zMEqLEXPqvWJ1pDuazuDFy889OodBGKd3o16wCLpWpa8ZSrECYB20J747AHXnpd_7NkrugE4j5bC1IIsg218fkybWZkFF1-tekSdmjn_3Ug6VhsXVlI3SGCwVznUD-4Q2GXbvOclt0QVUZpglzBVVtnws2tYUcU_fPTIWCSWMs9AkpBiMtH3muH9-rn-Khej8DjEKY1ZvUwiXHwpj4UC1YtlSGYduPyHHTC2tsJ3etZ1078_oQTjoYQ6J-UF9Xo3Y_ThSEkP9krcyjc-i2s6KFxmycpG3doYi1WxnaCQZbbKLECtAo420TIY3X7Un0e10cxECCd35WdHD5Av9JBXppdEoCl9j788naZoS8UwlyQNvZnrqZNTdCTuXlvuxdQaTyeHJStklwhDA5r1VgsVuJiBPpCPVviGONIIwbN9qDkZCvxJy7Ex05bjcTc_e74nRupPcmhpTWBc6zzAbSaKxilc4bbP5FGyqmY-3RE2Vwha6Aizh06AQdLiKUZ1Qau8pbb6bpqEZBHmi6WKl0t1RaqiM-0K97DVzDbhJx8QvGrSGQW9xofXSAUK7-VGIM3RhIpoIu8LnmJOsrVsGvzbKiGDalVXo9wUXjrxSr8muDnecWxe6mWU5Kd2RuVAAc3ZLh3cpOEJnAVEbX9xMSbBEjA8zchiKogNBiOttzCADMuKhk_e8hDSJmKHHu2HrdLGp9j5crYJmunAgcMlnCn-vCP1T25syQOyvA3aHFFTLCKOBXXmc69_ycnEfeoIGcgExL2O9ZmiJbfMtEUTkmZ2-FB6an2NoTY6EjBh3a1ZupO-_qi2tqkabZ3j-eZ6PD0f8vIrl03WyPS1mGY0RrcLQgD8u9oxo8wRVc_KXOgaewYqsAYzrcGZxfZ4753a13olI&sai=AMfl-YSARPhxRsbB9HleEnWRSLjfugNq6g15F-XJOByt4b7hx1pINJpLBiY6-v40k84L5nzG-NXxCDpwDJhdUlFOtCPGW5JEA1NsZ8pQATqzFduKJmD_QP6HiG39eJhe2ko8SnkUFVuuLjsmyOMLc3yM9FyMGx72cNN5fr4iRzoUQf2FuGlhPJlpTTM-ya9Pau1f5U0WbLuXOuhTk-xhkuWaBw&sig=Cg0ArKJSzF5s1XfFiobQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=206&cbvp=1&cstd=204&cisv=r20220628.90094&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 30 Jun 2022 09:19:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame FC0A 106 KB
37 KB 123ms
43ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Jul 2022 09:09:21 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/elements/html/ Frame FC0A 8 KB
3 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2JOirLnMFH8ntnTJIOovI8e4yACQKgYl7gGUmFWaIgEF1dA9LPFBeROCzqN29d40jZ_156g1d3rzq1runTM60deSlvlr453qPPgxeIBCuIoKsiCY_JOLB_49nhOV3e4OBiHlErNfh4NFNywUVELi5sPVsGQ&dbm_d=AKAmf-B5DmzKufU7V1K698jn9jillMEKvtU0riLtq8-y352Bn1iMMtZN3q8x85TKMD8vraNmHaSHr2LptPof1VOQrKf1HwlMZ83LOnrhvW5xPphiX2IwqT4j4zXJuHSnvpspPlmpt_gs8yDGsNy-uaQBEOpKI2FKlE1EkRA5UUC41GoAqBKMZYuOXAnGcQPiKMM7Ia3HzkEfuB1FM-4pGcZbFO8LAqCH6kzV1L-iEaAg8aHNjAUQqNl9IZulJgo2HNuUtT344jOnvFEyYvu5PF-AG1MqY2YKShSvPRtBRnwFxZoz2whZAdHeCKDf68BM0AW7ZirgaGuD9RrI6yKFmLChyLFweBl4BO3ruJCx0JFPl2pSYRBtVHi3uBkp6AYLicPC-71gSX_nSE73CNlpPAHKhKp9WM9-JD1DWe8-bfvSraoAu3or3ANlIpdAZFKTDoZGrnacVBiAN6SZEmZ3XoOmjDPGY4OYLDqUx808gPS4DvUxG5T7o-kT-MA8QRwsZrrszVwiOEnEFGanXYFiAqDk4Iw7z0w9Q8MslPCDLhS6jcnOfO14xLOsHLAIxjZVXQXQzJq-QAAu8BF2mmMR2gdkfhR93eo27QRJQ3KZhu6JEziOllMAiVZpSAhHYH_8pQOrqeZNB96OMT-CzkeSMzVmWzaTwmHo0I7BzjUw2PKa26ycAv_eZBu2gpXK1El7NXD3iqUheWUjHBY8dX04sEcK6MaB3ArRwg6tSB6vr99hBJYWajyNXktNqfVBEeXCuzVHSHT-J3pPo9C8GZHgl8ieVdTAgF9Gs3NWlEghcqgRCGa5cIFEuIVipkAxcuBeLtDCppwjEwSqb_vfb5Qy70oWS1z0Niac2KZR6LRJcqhKDvLQO_WoIzgRpZoel2P5fG4UmziCFAyZjuwaiqSwVT8ATw0MICDmGhpykeg01jp-AbxXO7h0klukM7PXGI41vHVsMt5WAYUfawdNdVzIcanjrF0nVgN0XMrb8YOnZ_D4bv_JIvcB6-s004eInbpvUVNvwx9pfGtJWeQWH-CAngamqhmXqQrpEW6zTQbb2A8euD2IVOBGu2_WlyFRQixQRceFjHejUmWgprkfLxQXd7-jprmR4sUYeyOS4ULfvvE2aZbQgeERNs9MAd70m6L8FI1soJLYDQiVmW35g1RxRP2EKgVx7ZPsek56xUoxp9l_ekhOTkgAbWawZgGxgdNlU_SJqtqO-9udG53_wH3-NDpKCf9WG75iTzTQL5jBQTfah69qkmqCY2DHFyJ50lUpPou8XvdTmpFDspE-azWnwM0NzvvhP7NJ3yFFn7WlcaCzZ1i5D8GsBe6Rq6ii9WBnSi4zFBfAOQ87xl3fI7n3tt7Yl3VEvkviqp6CwCq8XgEXg6Qi-fWtNeLYSkVuLlp78a0RtgQfCt-o2drBBeQWkbBytG2lImqu6rFkE6uCYAX8Bn8qxqf2_9fxv_G4aOHvYJTVbokbgINHlmV-kmyzyLn0VYx0XTL2IxHr1FAQw9SpOY96aXQjEE80tq-wxUm4bYY80AY1uIrVvwCCfvoGxQL_1CRNcwgcO08ywOX6eVclr5uyDHyOwckBhNS8Kc_5_I2yIKtRQqH0NiURcP9btoN8xH5ovGPTARhTfvYLJUMhLFQ63IjMVFmahKTYOpEQZ_8HQhrjFmIoSkK5piPSB8A_Wj6_YAhpEqF5mJNDNw8rVHlKvJQnAhV0F4qxAhB6_HxaG77P5wu_QvtQiglkvhdt2VhlBy5fVKTaF8Id2y8Zof-ofXxVoJtyPIkWoXA2ITq9Uec4q4U4Lkpik8sAXvicpXnbvkaaBOzh3WnRy3W2FU1q_4pvD8W9c86uKRB6zi-vGOWbFNPd76tuiePV6DaetktnhVR4dONHEOVTBU5XPVdW0pnR2d3g3W2wVtQyLTfhpMoGTjMOXiwWLOGj72wYZjzXXG10VKMP-OrkUeYb5jbgZ7gAX7IxcqEL_JC77vs34O62EKPuq66GcqIl0pC7EQRNQndGADH9-3WEPkZU6LjccKVNvS3SCjp2QpjnyLJvIohnhbXClAUwGFCv1xCnk9raOh1pysWM_DvS63iW9Ta3ChgkZ_dE3PrnzR3T_XDfpTJZej3iV40uVgQDbbx7X6ItDbBuiENdtrLbj2OlxjBwcgpS2I5G7S0qB9X1jt7V6C-USlyyQvLKk3gJmoKHaLPYbA8HISStT7LYBbk9_6_BouLIClmeeGSut-mucirs10wMqQIMggVxWwYhIuk0ag3K94whKFIqnEtrjhcTBdxk8jv7qNEoxqdqNH6DxwjldigiVb-q2CZP8VWtBdIg-IjD1Uuyav82qJreHYo-06KsLTvLVW0KhCBJw9uu17nEoiltCwlz8YonKj-UIb-q_dCmfUaiIl7IjySLOlVSaHipKtuHfzua43NOyDoYvtrtl896YF4WNgaslEvt8kEOjjDKNKbviXVZXzYZrwdcuu1-amldzysWEEL6C95tM0y55h7lD-nG22y8VFf6zpjP-yHLQHAEsdAXRmY-agqLyZ1vDQtmjL1RljHeOzihlHRJht71-6zx5x6rnS5HpKyVLn6JUh4WV9kD2dN9fWP5G2cTQCJ9kMcJgxH-_Vmaxrkje-Ffz9w8hmc1u33ZBXBQ-o4BW34EghoAeV9cPyGTpDTjZdB5PtjQt0k8Ug0RlRZVbua4j9iHU4HMfofU2gPDgPc_8P7MGP_-8u-r8ACQHDidUFFhAXkORv2PvNxaydntofqtknyjJqk-NvdJrOJooKkLXKof0tEbFgAkiD5HCMECrUqVRT1u2D38DbgRP1zfqyf5Wi4R8R3xy_E3bDYdpcc6fsQi9gX8XK_mC79P-Gf6DcNnQ4xnUhY-VQ1c1Ckp8WSjaVpXtAkbY8hxTjeRzDXQOov1bKCjW9ZYeeCuqcOSi1NZNU3AXr1lvYkQMXptX0UTGaiV8yGJhzINvQX4uTbZ122OOqsKnENvyhcgbrtPQBXYCXuRuAofAGi2Wi-Qvaz5_173tbfhKkAO9rC_ZpUJcNru8150-lh7gGNspXaQZl54X877TRaxIPaoO4V9-tihRqqLBpZH4fil0rr7SonOX0KzGCUHImumJ0GrwUntv7oWq_hklJ_PLGcrIFA1g1D7L0G_kDbWvT_79LrZE_-bD7hPSL-TmJJjNtGwCqdIu3WnBa-e7jNEtUsuNznKsvxQFaY12GNO5EWi1mdePdqU20nN7T758gDKJG0IjBzx60SE42R0R7oNbXlAnJCd4o0RiE3BPh08VBOqqYGH9YVoDTHwILe96P4v0DCFIgU7PMBj6Bs&cid=CAASJORoNKE_p85fenCDEyPpMpzukUAy6bAtuWlLojbEmz4xe8UJtQ&rfl=1%2Chttps%253A%252F%252Forientaldaily.on.cc%252Fcontent%252F%2525E7%252594%2525A2%2525E7%2525B6%252593%252Fodn-20220630-0630_00202_035%252F%2525E6%2525B8%2525A3%2525E6%252589%252593%2525E6%252593%2525AC%2525E5%252586%25258D%2525E6%252595%2525B4%2525E5%252590%252588%2525E5%25258D%2525B0%2525E5%2525BA%2525A6%2525E8%2525B2%2525B8%2525E6%2525AC%2525BE%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:14:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:14:34 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/ Frame FC0A 27 KB
10 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:13:13 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A09C 22 KB
8 KB 38ms
38ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:09:55 GMT
expires: Fri, 30 Jun 2023 09:09:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FC0A 41 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 09:09:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 708A 1 KB
749 B 38ms
37ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Fri, 01 Jul 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FC0A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 220e3d1fb930ba0b45cba94fe40aafebc0cc2d9e281acc3c6d2e62ebb4796ac0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 67F7 22 KB
8 KB 48ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:09:55 GMT
expires: Fri, 30 Jun 2023 09:09:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame A09C 36 KB
13 KB 45ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 09:10:06 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 708A 35 B
464 B 50ms
10ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENmOka2Wx9SYXZwN0mQXa50&google_cver=1&google_push=ARnp8GDpxqbEKnzHVAo5v5CMrKdbVbumIEPm6g77BUtK7sBHv00tWfztej77lmhWcTDWZtTTqsSRbVhE6jUxtJV3KWU7xOzUlA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 708A
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESELD0Qcy5jzF6C9Kh2KbxESw&google_cver=1&google_push=ARnp8GCvjme9QrvKQXSKbp1p96aviuMaksx99mAovjBUNxdNkOFObyygldaFFOPu-ArCxGmhxHXyYcqxr1m7uyrzHRcerd5cOA
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GCvjme9QrvKQXSKbp1p96aviuMaksx99mAovjBUNxdNkOFObyygldaFFOPu-ArCxGmhxHXyYcqxr1m7uyrzHRcerd5cOA&google_hm=Q0FFU0VMRDBRY3k1anpGNkM...

170 B
188 B

46ms
39ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GCvjme9QrvKQXSKbp1p96aviuMaksx99mAovjBUNxdNkOFObyygldaFFOPu-ArCxGmhxHXyYcqxr1m7uyrzHRcerd5cOA&google_hm=Q0FFU0VMRDBRY3k1anpGNkM5S2gyS2J4RVN3

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 09:19:31 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GCvjme9QrvKQXSKbp1p96aviuMaksx99mAovjBUNxdNkOFObyygldaFFOPu-ArCxGmhxHXyYcqxr1m7uyrzHRcerd5cOA&google_hm=Q0FFU0VMRDBRY3k1anpGNkM5S2gyS2J4RVN3
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 708A 0
98 B 121ms
40ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GBy9c6q1XsAuxU4G-t70x7DvyXe77NTgd_4VmCc0jwLxyUluMOGqKzXKpHBz68D9LMVzsn-Sxe8V_l77uQkr7wvjs8d6w&google_gid=CAESELIFn-87wNceX2kPlUz5wrk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=90&slotname=4687187148&adk=190292511&adf=2300459119&pi=t.ma~as.4687187148&w=728&lmt=1656580771&psa=0&format=728x90&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580771493&bpp=2&bdt=5060&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1eb916856b026e57%3AT%3D1656580769%3AS%3DALNI_MZFHAHy4KvX4pXnahAxZK-0FK5pFw&prev_fmts=0x0&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&pvsid=203634787387024&tmod=726087036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&fsb=1&xpc=Oqgf4LTKww&p=https%3A//orientaldaily.on.cc&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 708A 43 B
351 B 122ms
49ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEOsw1ybQuLvAuFrBxezc_R0&google_cver=1&google_push=ARnp8GBWaXGCI85q7Mt7KMbyuEx6CO_5sveVSjZ0uSGaTquJspH2oHDi6llSLZEHkGN2l122FCUvHCs7KVbB0ikcK_9hc5sr
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=90&slotname=4687187148&adk=190292511&adf=2300459119&pi=t.ma~as.4687187148&w=728&lmt=1656580771&psa=0&format=728x90&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580771493&bpp=2&bdt=5060&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1eb916856b026e57%3AT%3D1656580769%3AS%3DALNI_MZFHAHy4KvX4pXnahAxZK-0FK5pFw&prev_fmts=0x0&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&pvsid=203634787387024&tmod=726087036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&fsb=1&xpc=Oqgf4LTKww&p=https%3A//orientaldaily.on.cc&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:31 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: en3d265ufkej284gn7m43aro9hp3sd09

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 708A 0
166 B 81ms
15ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI_oBPMfxTLUnu1vF5a6C14&google_cver=1&google_push=ARnp8GAnWI40URz8Pms41DzwDoQtUDUXQETDcqU2HDxctuMUhqBrqCWSPKqvEqxxIm2QiGp5-5hzBgUX6nr-VexeSwCt3KBQ3g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=90&slotname=4687187148&adk=190292511&adf=2300459119&pi=t.ma~as.4687187148&w=728&lmt=1656580771&psa=0&format=728x90&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580771493&bpp=2&bdt=5060&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1eb916856b026e57%3AT%3D1656580769%3AS%3DALNI_MZFHAHy4KvX4pXnahAxZK-0FK5pFw&prev_fmts=0x0&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&pvsid=203634787387024&tmod=726087036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&fsb=1&xpc=Oqgf4LTKww&p=https%3A//orientaldaily.on.cc&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 708A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKfabakLr_vXi42O4_NOfN4&google_cver=1&google_push=ARnp8GCSQ7FS6BOh9Gly309HXinpCgCzRTm5Uia15kH76P0CeVbeVy_s0JCUVEqdpsAX15Y_XxK...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUwVEY0SFQtMVMtM0YxWQ==&google_push=ARnp8GCSQ7FS6BOh9Gly309HXinpCgCzRTm5Uia15kH76P0CeVbeVy_s0JCUVEqdpsAX15Y_XxKkWtYt0KWQ7PsC4xwRPOO8VA

170 B
188 B

40ms
40ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUwVEY0SFQtMVMtM0YxWQ==&google_push=ARnp8GCSQ7FS6BOh9Gly309HXinpCgCzRTm5Uia15kH76P0CeVbeVy_s0JCUVEqdpsAX15Y_XxKkWtYt0KWQ7PsC4xwRPOO8VA

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUwVEY0SFQtMVMtM0YxWQ==&google_push=ARnp8GCSQ7FS6BOh9Gly309HXinpCgCzRTm5Uia15kH76P0CeVbeVy_s0JCUVEqdpsAX15Y_XxKkWtYt0KWQ7PsC4xwRPOO8VA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 708A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIA4bDp3loTYNljKXRCLhtY&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIA4bDp3loTYNljKXRCLhtY&google_hm=Yr1qpNNk3L3R0qlWOLJacgAAFJYAAAIB&google_nid=index&google_push=ARnp8GBBvToaUCHtSnmwnlEpm4tp-q4s8COHr...

170 B
188 B

42ms
42ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIA4bDp3loTYNljKXRCLhtY&google_hm=Yr1qpNNk3L3R0qlWOLJacgAAFJYAAAIB&google_nid=index&google_push=ARnp8GBBvToaUCHtSnmwnlEpm4tp-q4s8COHrzEmjzdZHnkbd5ZFK_tR7-0K9pi3BBZdQz8ztmfpRAxXuKGCi2QJeCL7mRqUlg

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2Lu5evb7ySpxOeSdftd7VS4fpKqlazacUcXiZuxoQLi3zmHuBcB702A7Aeuv5gmcZdkftWWVzb8kiefJ10p%2BRyg6zDqa7onK6ZS%2FS7rYJiLCw9foajGYzyO2AUSRSap2cVLkqSgKi4RiA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIA4bDp3loTYNljKXRCLhtY&google_hm=Yr1qpNNk3L3R0qlWOLJacgAAFJYAAAIB&google_nid=index&google_push=ARnp8GBBvToaUCHtSnmwnlEpm4tp-q4s8COHrzEmjzdZHnkbd5ZFK_tR7-0K9pi3BBZdQz8ztmfpRAxXuKGCi2QJeCL7mRqUlg
cache-control: no-cache
cf-ray: 7235d222bd6b9b3f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 708A 0
12 B 52ms
47ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JEWATvydmXse1tGc_GE_hUHJ8LHrlBl3gy_tO8iq4FSo0p7bi1gi7oyDM1dTCEgUt4wy-7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 style.css
s0.2mdn.net/sadbundle/6097948873975918132/300x250/css/ Frame B306 499 B
290 B 46ms
46ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981a2ca896313448334b155c40c75f1bcd39918b5aefb820415fa142834ec0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156041
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 261
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:51 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/ Frame B306 68 KB
68 KB 46ms
46ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/bg1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbbdfd3cc8ecc010a5a3c55865a859b44008d80f04627faefb09e726139d0feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:51 GMT
x-content-type-options: nosniff
age: 156041
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69347
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:51 GMT

GET
H3 200 legal.png
s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/ Frame B306 4 KB
4 KB 46ms
42ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/legal.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981733af320237e1b71663066c5741539c54a8883268bb5e429cb49642f275cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:51 GMT
x-content-type-options: nosniff
age: 156041
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3666
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:51 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/ Frame B306 41 KB
41 KB 49ms
45ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/bg2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0218a32b5c20abf439b8b39ba5b3179019d0d3ad9183ca89bd9ae662fc959f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:51 GMT
x-content-type-options: nosniff
age: 156041
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42054
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:51 GMT

GET
H3 200 legal2.png
s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/ Frame B306 8 KB
8 KB 47ms
43ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/legal2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49484c10289ade69f6793b62747c2853739f9b850609c85bd271b0eb43724bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:51 GMT
x-content-type-options: nosniff
age: 156041
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8465
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:51 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/ Frame B306 2 KB
2 KB 55ms
51ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04a10b98a122cac304f213200a1338aa7b0c7aac308f831b9bb377be6368a6f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:54 GMT
x-content-type-options: nosniff
age: 156038
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2234
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:54 GMT

GET
H3 200 yellowBox.png
s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/ Frame B306 679 B
706 B 55ms
52ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/yellowBox.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0520780a52a9dc8a8db00c8afe179461d1dd9f4a369bd11c299e45b64aba6dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:51 GMT
x-content-type-options: nosniff
age: 156041
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 679
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:51 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/ Frame B306 4 KB
4 KB 55ms
51ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aac0db71b09b09fade52f1d6e2cefdff67af34d335855a0d99c8d29fe9c5632b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:51 GMT
x-content-type-options: nosniff
age: 156041
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4039
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:51 GMT

GET
H3 200 tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B306 105 KB
35 KB 1386ms
1386ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35824
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:01:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Jun 2022 09:19:33 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/6097948873975918132/300x250/js/ Frame B306 1 KB
429 B 44ms
41ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/js/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61373cb0fa602b4572dde5327f834507ac30f6254df36fe0feab0f03cd02bd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156041
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 400
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:51 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4803125007237303047/ Frame B9C2 72 KB
22 KB 46ms
40ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4803125007237303047/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae90edd3782a0437f89904168af8c601f5c4883c553855d66ba187ad3884119f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3250
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22870
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 08:25:22 GMT
expires: Fri, 30 Jun 2023 08:25:22 GMT
last-modified: Tue, 31 May 2022 12:33:07 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame FC0A 0
27 B 139ms
75ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvCp1wADojK2yRQU1hzjowFnzKp2OuWzawrQVElawmje8vJvyVSg_UcqR5czLjLyEDLyJ7bNBjHmrEtCvNc8GsprugccN0guZvfoYrrvR5RH67Ujr79gDP-RUg-qlytRka9jRngiRXRQjJ94AypQki_4ZC_8LVfWVNA31qkp1JuDISFj4kwxPd0chdi1i0TdEnC-2f9ubvd9a_fwzm09oBGzWlf8MHFdGEWrl9Ca23bLeKmIIWKkicjbjFNWMZZJNxR3lWMVsUT77T2AQSQFahII4rphmlgeXQG6vq8yBGEu2dDY4pcwjBi5_UHvzr1NsSy_6wG6UQovb9sIjWOe6UoSk_522LpoBG64rT4hH6i_6Qe33xscExqszWMucZTppJ4V1WH1lKMGju86bcFSBKQt8BijZOsIvkH_RrWo7ZANJZPIKyXsjt0h0X-AlEsKjPJTXrL-pXQpQ33ZUUToA0LPq6j2PoO4lGaB53ExcdGk6u7mBpvW5djH18p1OJmjIsFlu1B69hBIM4hpZFq5PBmBIA4Wz--nm-HDS5Ijlf_upIDwXau_fNa4pcQEGhCdo2utf1uvC4PyBk8fENdA7yzwJqIqjbjL9lGDzfKw_i1uE43xTkeqyLBYkJJmOrlU5spoPTI_eQXt8GTCw49CiQkJL5ZD5OCkZQJ_-JnMWjRtNDpFjydMbvSdUbhecUQsc7P3s9v2CvJGSJquaH-LSB8Y58WOMffBYNlc3qmtMhkKPsi4Ceq8Bc_z67elD8GAd-hSr7hNc3eEqMcNrSvZBlFp7qQuJf6qWrQ4qnRUtMJEhw4EfrHJBhZlBjJ6vI5Zgnt1sj_nqDYuYiKcZwkM3OsX8sSVRxUos26sZFYF3OcXhO8MFNdKCM9j9SzV79tNXtsgpJlJGLnPaX6MXpohwYg17Ks9nbZqLX6hc0bYwQ2ZYXlOfGQ2VeHsdnLTo-TGivoWUr0FejX3x9A7gya638CHAIzBS8gDa5LVypQ0VEBg6kwaMQq1UtW5LvIp_idMhsrwJktNo-Cj88qPlbCfqZ0J0IRb9DGF-XJrBfMY3vC9fS4NML-nZWdmqfE0ROEcQ1VVl0Sq936ttEykOcw9HgSPSXhP89waclB-eMhrmyLb3izFBGMvYgqi_xFCuQrono98XO-WBv1JNSdC3CeVPFglD1SqVAQgbBB4v6B3EZeJjjQhJXNVksmilfKqCTp31VtyVPjrO-s_2bSpHOHYVzhAvaghJuU-2Z0GtHlyf9kaGz0ClPUYlLHxbae2nfFCSULLg&sai=AMfl-YTEKTsy40DmavENOUqlDvHll3kZwa_wJBMqmldV3yk5Cgg6X9QPF4M5FhdWESaI8mOl1LoQRKuF_clutZyo7U1fR0SK5O0oZrt0x-gueTLpmGfkqTXnDTgMgsXs2UcPY1dqRwMiQliKwbckAGbcNqe3TKmNn_gurMBVLe1FtBdL8TRGh5gQ0mi0DU6b2H8e4JKHfyDb_TrOMPfjlK7Zq6PIohBpq2xH4kzPJAbVFNv6iyc&sig=Cg0ArKJSzMXLd6kjY6aKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=164&cbvp=1&cstd=161&cisv=r20220628.34537&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 30 Jun 2022 09:19:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame 67F7 36 KB
13 KB 40ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 09:10:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B9C2 9 KB
1 KB 136ms
50ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:regular,italic,700,700italic&cb=1653995220

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

594634cc0b7f37cff08b11778c0f039912467ce455f22b4741fc94da6985695f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 08:20:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Jun 2022 09:19:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Jun 2022 09:19:32 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B9C2 57 KB
23 KB 115ms
115ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Jun 2022 09:19:32 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A09C 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0dzYo2q9YszLL4PYx_AP9eCR-AQAAAAAOAHgBAI&bg=!xMelx4PNAAaLlKKnq5Q7ACkAdvg8Wljd4VGXRgpJ16DGyVb0V90ASOltuJlqICwOeym6iu8jdTAbigIAAABpUgAAAAJoAQeZAy0ZCMAMGMeO-zh-n3CEPQ_m7XUPxNJiAtvd2_3VvvMASaq6FxFrWYGrvg7mkce7NOpBm_mX_ae59ZHeaa_NW3Qimc9cdZz44xzHzaVNeDtd6EduOzQi5thUyzmSjy4UqySvnFkFW7q74eOhgumsT2ar27C3Rw8wony875t1WmGhewKyUgpj6uZJjf9ZwRvI5-gM6u9Teo9VA_0Iq1iNQIVAVkDaSaMvzrmmDaYcG7dam29WGnotyu8Fa6BgMUXEX7VkMc_fptzjow_O8vdK163BhooikHMAaxk-1yVTWEblmpbZwFvZHz5TiSgghSFyM-OuX03i_q8Hcghpzx0CN9pcnsjfeupYmg_b2Lb7WrAThDo_23iGC956oU63StFpy_qs7zy0Z3SQYwch8tOevODjPWGDC6SWVOysykoZ9unTszjYv-fS9GzrtUgI8D6yhQlllquT405WjNd_nCuna3UGJ19anPJcxYK2TFhGopX6NqqGzedTJsQvMAa0Ph4Wski8-wT0pb-8vhKqIG0myoyD-0u1tBm0-DVhUlnXVIZNIPN5EWcRvji8i4BaTx8DI0c8Sb4CvQcDkS-g2j_GPqc-pOQnPPBqI-NISS8sMkYy7ZQCF8aCOzFJu7pa_7HqljjafJUrhTHU9xfNBaiO8qijuZ667hvtxYvADUxjRFdZLZdo7SjYd9TIygypSLPie3FRHFXX075XVPrVhxX2hBoRQITNbu4hOgWGf9CmVZ48TLbh9aQ9weeDRMbA3QSyhNmg_fHQ4Y4cqkdkBCov3wuDz2eY-2PQGqT77avldC8zUAhEc7Ieg9UV4ubebr5VvtB1WVglxPBt1i20yVFxNXfonS651Z8hmsLiEpilCu5zyhYcVAaAiLtFdvAOnIDB80vS3kQAVvwUUrflx_Dz55yr_C88LJ5a4Q-RkSsfY56wbJljQqMy4Me6pFXSsNhYvDDpH-AFjNr4Z6L3fmsSffyMOY9OZbLar1kaUIZrPKmPUksvSre0QiIunD02beMhVwlS4dkMwos_C24C81bxaW8DoVfCRTBydoJgP8EgmknV2vf-n4GsS5W6EoI28jY

Requested by

Host: 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com
URL: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 033093dcc4b3d9a0c55a82b319857cfd.png
s0.2mdn.net/sadbundle/4803125007237303047/ Frame B9C2 179 B
206 B 40ms
39ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4803125007237303047/033093dcc4b3d9a0c55a82b319857cfd.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff52e77e92ebac2ac40d34ba22d46a973f17759427f09c374b55e1e1c0bc954d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 16:08:13 GMT
x-content-type-options: nosniff
age: 61879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 179
x-xss-protection: 0
last-modified: Tue, 31 May 2022 12:33:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Jun 2023 16:08:13 GMT

GET
H3 200 692194b914be16ba4c7fd50d2b359f83.png
s0.2mdn.net/sadbundle/4803125007237303047/ Frame B9C2 885 B
912 B 46ms
42ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4803125007237303047/692194b914be16ba4c7fd50d2b359f83.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b89cf78a666983a961940e155386b7cbe0f104ded9139a509af316ad266db7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 16:08:13 GMT
x-content-type-options: nosniff
age: 61879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
last-modified: Tue, 31 May 2022 12:33:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Jun 2023 16:08:13 GMT

GET
H3 200 10e982c1815a0c9712c95545b6600a82.png
s0.2mdn.net/sadbundle/4803125007237303047/ Frame B9C2 8 KB
8 KB 48ms
44ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4803125007237303047/10e982c1815a0c9712c95545b6600a82.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70981391c8766799262003ec9ea88137126e37529c6ba6b256677e38d0dc4549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 16:08:13 GMT
x-content-type-options: nosniff
age: 61879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8626
x-xss-protection: 0
last-modified: Tue, 31 May 2022 12:33:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Jun 2023 16:08:13 GMT

GET
H3 200 b31daec66bf9c28d5af80e2cd85919ed.png
s0.2mdn.net/sadbundle/4803125007237303047/ Frame B9C2 1 KB
1 KB 51ms
47ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4803125007237303047/b31daec66bf9c28d5af80e2cd85919ed.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a3495f9b6eecc87d4806359ca818194adf6784c4b1b01c9b27db703aa841468

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 16:08:13 GMT
x-content-type-options: nosniff
age: 61879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1388
x-xss-protection: 0
last-modified: Tue, 31 May 2022 12:33:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Jun 2023 16:08:13 GMT

GET
H3 200 58fe4b78cb6b42ef35ee398d2881310d.png
s0.2mdn.net/sadbundle/4803125007237303047/ Frame B9C2 1 KB
1 KB 48ms
45ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4803125007237303047/58fe4b78cb6b42ef35ee398d2881310d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

474f7459231bfb540c70dc42c04766bddc36c1b395846cce58b235940f5149bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 16:08:13 GMT
x-content-type-options: nosniff
age: 61879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
last-modified: Tue, 31 May 2022 12:33:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Jun 2023 16:08:13 GMT

GET
H3 200 ea2163a39c26832a03955dda2534136f.png
s0.2mdn.net/sadbundle/4803125007237303047/ Frame B9C2 928 B
955 B 52ms
48ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4803125007237303047/ea2163a39c26832a03955dda2534136f.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

478e9400d4daee656ea306f2d9e1a52e8b79ec2dce734a69104cbc12238afb1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 16:08:13 GMT
x-content-type-options: nosniff
age: 61879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 928
x-xss-protection: 0
last-modified: Tue, 31 May 2022 12:33:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Jun 2023 16:08:13 GMT

GET
H3 200 e76bd597b3e8332d58dc89419a171712.png
s0.2mdn.net/sadbundle/4803125007237303047/ Frame B9C2 1 KB
1 KB 47ms
44ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4803125007237303047/e76bd597b3e8332d58dc89419a171712.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b721ad5a520ac92408e22a65991fb6d2e6d4fe6c4b443b3f65b778a4726c01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 16:08:13 GMT
x-content-type-options: nosniff
age: 61879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1214
x-xss-protection: 0
last-modified: Tue, 31 May 2022 12:33:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Jun 2023 16:08:13 GMT

GET
H3 200 edb98e31112d7711f649d874fa55090b.png
s0.2mdn.net/sadbundle/4803125007237303047/ Frame B9C2 1 KB
1 KB 49ms
46ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4803125007237303047/edb98e31112d7711f649d874fa55090b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9a420d5ee2aac604f4a89e935a225d1bb2ea94837bd96bd84b9186dfbae792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 16:08:13 GMT
x-content-type-options: nosniff
age: 61879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1143
x-xss-protection: 0
last-modified: Tue, 31 May 2022 12:33:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Jun 2023 16:08:13 GMT

GET
H3 200 cc2bae30a41b48352ac924f8361504de.png
s0.2mdn.net/sadbundle/4803125007237303047/ Frame B9C2 939 B
966 B 55ms
52ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4803125007237303047/cc2bae30a41b48352ac924f8361504de.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9d0c7386619ee9332d28a857852f6a36124d7ec75f10fef15d317535242c9b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 16:08:13 GMT
x-content-type-options: nosniff
age: 61879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 939
x-xss-protection: 0
last-modified: Tue, 31 May 2022 12:33:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Jun 2023 16:08:13 GMT

GET
H3 200 f3614bfe3d07f9b34b40e9f01e912872.png
s0.2mdn.net/sadbundle/4803125007237303047/ Frame B9C2 1 KB
1 KB 55ms
53ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4803125007237303047/f3614bfe3d07f9b34b40e9f01e912872.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83d56754fb658ec50906e682d45d01ec010e2f77d7da69fcc56a85ab276de39b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 16:08:13 GMT
x-content-type-options: nosniff
age: 61879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1142
x-xss-protection: 0
last-modified: Tue, 31 May 2022 12:33:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Jun 2023 16:08:13 GMT

GET
H3 200 2a555557340424898f7432d2a66b6e73.png
s0.2mdn.net/sadbundle/4803125007237303047/ Frame B9C2 8 KB
8 KB 54ms
51ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4803125007237303047/2a555557340424898f7432d2a66b6e73.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70981391c8766799262003ec9ea88137126e37529c6ba6b256677e38d0dc4549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 16:08:13 GMT
x-content-type-options: nosniff
age: 61879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8626
x-xss-protection: 0
last-modified: Tue, 31 May 2022 12:33:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Jun 2023 16:08:13 GMT

GET
H3 200 8df1182e995d56db8bfc176f6fafb93c.png
s0.2mdn.net/sadbundle/4803125007237303047/ Frame B9C2 1 KB
2 KB 55ms
53ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4803125007237303047/8df1182e995d56db8bfc176f6fafb93c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3871c5dc9d47fd4a3376b505550129eed1ef2bfc201b9b87fb374aed7737d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 16:08:13 GMT
x-content-type-options: nosniff
age: 61879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1518
x-xss-protection: 0
last-modified: Tue, 31 May 2022 12:33:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Jun 2023 16:08:13 GMT

GET
H3 200 954cc831109841d5ba669ba18aade087.png
s0.2mdn.net/sadbundle/4803125007237303047/ Frame B9C2 8 KB
8 KB 53ms
51ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4803125007237303047/954cc831109841d5ba669ba18aade087.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70981391c8766799262003ec9ea88137126e37529c6ba6b256677e38d0dc4549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 16:08:13 GMT
x-content-type-options: nosniff
age: 61879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8626
x-xss-protection: 0
last-modified: Tue, 31 May 2022 12:33:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Jun 2023 16:08:13 GMT

GET
DATA 200
OK truncated
/ Frame B9C2 12 KB
12 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e645aa1499532236c890f328050813c6ae0129adec27552918a58e0a62b12f57

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: font/truetype;charset=utf-8

GET
DATA 200
OK truncated
/ Frame B9C2 10 KB
10 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d9c73df8620d65afdfae662bb0ccb6732673273a25727e1b8d5690dfa060cd3

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: font/truetype;charset=utf-8

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ Frame B9C2 12 KB
13 KB 124ms
37ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:regular,italic,700,700italic&cb=1653995220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 16:22:46 GMT
x-content-type-options: nosniff
age: 233806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:28:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 16:22:46 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ Frame B9C2 13 KB
13 KB 132ms
45ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:regular,italic,700,700italic&cb=1653995220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 17:47:57 GMT
x-content-type-options: nosniff
age: 228695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 17:47:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 67F7 0
20 B 72ms
71ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5shbpGq9YpJ93IWVB5GqhdgOAAAAADgB4AQC&bg=!BAelB0PNAAaLlKKnq5Q7ACkAdvg8WmOFmQHetBhu8S33lyBd0QBAWXaKVTsDsXvwyW1lhtnyp1zJFQIAAABgUgAAAAJoAQcKAASnrhdKmQM3IgX5WQsER_JHO3YAuDm3m75fm1L9nIZXk-O0uSrDkig9O_79psqKs8nwxC7VoC1SChQMImZh8czwaFkNCkkVEZ4vZPWGyJbF1fjy2mWNYHSt2dWGgis7xX9Avjteaf3yERrYQwyEvwxb2jYoD4p0KNhyh7awsoJZ0tK5LnHLd1Mxx6o9Uo-9uavAYw-cexwWlFXPaicqjZ7P-JuFkd2E37F4WHAWDRgw-pHWjHqVgTrFryTbI4gmEsQZH7VrqGLH_UefUBXSTmGA9qXbzIJTeq5Dcf2n7DK6JBDrKz9ZF69D6Oqej82kNHdRbCLnyf7R1-0inBUXG8xWDYiMH5092pcfg06S_BnjsMCBaN4uHFhUB5rtqN4USDX0QvwGSNzu-Zg-Hheo6x6M3XaMBmjwpo_kLIEjltVNY4fOvcM5c_QPCCQhCJ3mP35ytEvte8ZU_iarMRVYKmsz0CxGhmBKGHBgpTBw-dnhIWn0GS5altCmDl-ryHX9yFF3UEjlH9x5V63VJFwJ10aATjzo_jLdailk5KniPDHCMQut1LhY49t2T4IdK_T3Lh7RSnBRn1w3k1sNg61hqURXpoCtRS0QfH7loPMRT0IDq4h9X-OLPTInva7WeeJ9aZbPN5Ev0-LrgN_sf5stZmNln0dUYxUCXi5pQcuEUZrP6t9CEoiJ8InVLNwH4QWYpGxW-ZnYqbiFVXn45xuUD-ixQFbGhZMHGHm8uGmaJh1Aed-ZyWdx0jyPb20o1qt2ndt-GbPwfs5OwyyH6csnTO0VzD3O3quvVL_JmjmvbJ4DiqeNbpoCgqBldiImPxHQPaY0V3bED24cApRfvcuR51mkK3cCFa_EHRjuJp_EC1r1rFvoH4NZ0xtG8DraGppatghyKZbhK5NQazwaZR2ILvpj5yAgSIgL4kkCSlY9TRRw3VIX0tG1r4-ZFd7Gq69cVfPC3xnaYGq3GjVynlvFlRk-ob6NxCHOoe21qrRHdsEMHbpxNs868bq2OPBhlfjVf9X-wpVLFkZvjOpiPu7jOluhRYx5sQmARd0WhKd2_YhHHxoWWrdaEtleP3h3c8apR0OY1VRwktpRKnHy0DjGJg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame FC0A 0
26 B 69ms
68ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvCp1wADojK2yRQU1hzjowFnzKp2OuWzawrQVElawmje8vJvyVSg_UcqR5czLjLyEDLyJ7bNBjHmrEtCvNc8GsprugccN0guZvfoYrrvR5RH67Ujr79gDP-RUg-qlytRka9jRngiRXRQjJ94AypQki_4ZC_8LVfWVNA31qkp1JuDISFj4kwxPd0chdi1i0TdEnC-2f9ubvd9a_fwzm09oBGzWlf8MHFdGEWrl9Ca23bLeKmIIWKkicjbjFNWMZZJNxR3lWMVsUT77T2AQSQFahII4rphmlgeXQG6vq8yBGEu2dDY4pcwjBi5_UHvzr1NsSy_6wG6UQovb9sIjWOe6UoSk_522LpoBG64rT4hH6i_6Qe33xscExqszWMucZTppJ4V1WH1lKMGju86bcFSBKQt8BijZOsIvkH_RrWo7ZANJZPIKyXsjt0h0X-AlEsKjPJTXrL-pXQpQ33ZUUToA0LPq6j2PoO4lGaB53ExcdGk6u7mBpvW5djH18p1OJmjIsFlu1B69hBIM4hpZFq5PBmBIA4Wz--nm-HDS5Ijlf_upIDwXau_fNa4pcQEGhCdo2utf1uvC4PyBk8fENdA7yzwJqIqjbjL9lGDzfKw_i1uE43xTkeqyLBYkJJmOrlU5spoPTI_eQXt8GTCw49CiQkJL5ZD5OCkZQJ_-JnMWjRtNDpFjydMbvSdUbhecUQsc7P3s9v2CvJGSJquaH-LSB8Y58WOMffBYNlc3qmtMhkKPsi4Ceq8Bc_z67elD8GAd-hSr7hNc3eEqMcNrSvZBlFp7qQuJf6qWrQ4qnRUtMJEhw4EfrHJBhZlBjJ6vI5Zgnt1sj_nqDYuYiKcZwkM3OsX8sSVRxUos26sZFYF3OcXhO8MFNdKCM9j9SzV79tNXtsgpJlJGLnPaX6MXpohwYg17Ks9nbZqLX6hc0bYwQ2ZYXlOfGQ2VeHsdnLTo-TGivoWUr0FejX3x9A7gya638CHAIzBS8gDa5LVypQ0VEBg6kwaMQq1UtW5LvIp_idMhsrwJktNo-Cj88qPlbCfqZ0J0IRb9DGF-XJrBfMY3vC9fS4NML-nZWdmqfE0ROEcQ1VVl0Sq936ttEykOcw9HgSPSXhP89waclB-eMhrmyLb3izFBGMvYgqi_xFCuQrono98XO-WBv1JNSdC3CeVPFglD1SqVAQgbBB4v6B3EZeJjjQhJXNVksmilfKqCTp31VtyVPjrO-s_2bSpHOHYVzhAvaghJuU-2Z0GtHlyf9kaGz0ClPUYlLHxbae2nfFCSULLg&sai=AMfl-YTEKTsy40DmavENOUqlDvHll3kZwa_wJBMqmldV3yk5Cgg6X9QPF4M5FhdWESaI8mOl1LoQRKuF_clutZyo7U1fR0SK5O0oZrt0x-gueTLpmGfkqTXnDTgMgsXs2UcPY1dqRwMiQliKwbckAGbcNqe3TKmNn_gurMBVLe1FtBdL8TRGh5gQ0mi0DU6b2H8e4JKHfyDb_TrOMPfjlK7Zq6PIohBpq2xH4kzPJAbVFNv6iyc&sig=Cg0ArKJSzMXLd6kjY6aKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=551&vt=11&dtpt=387&dett=3&cstd=161&cisv=r20220628.34537&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame FC0A 62 KB
23 KB 39ms
39ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ed589f2773c7f62a29c7691a961a85c95ac374c666dec2d6eb6a1abd0350a65e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 862
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23708
x-xss-protection: 0
server: cafe
etag: 12776144751522492165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 10:05:10 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame FC0A 0
17 B 129ms
64ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l50tf4v4&chm=1&ctx=2&gqid=o2q9YozwH9i49u8PioOX2AY&qqid=CM2iuKPs1PgCFQiPsgodWngEug&met.4=fb.df~lb.id~cmrload.jp~ol.vv~bdt.-3ww~bpp.-a~idt.-9~dtd.-1~dt.-c&met.3=374.jp~749.k0_2~736.k4~735.k5_1~113.xc_7~112.xa_8&met.1=1.l50tf3xt~6.1~7.1~8.1~9.1~10.1~12.2~13.bd~14.bk~15.d4~16.ih~17.ih~18.ih~19.vu~20.vv~21.vv~22.ij~23.ij&met.7=CAUQCBgBKAEwoAM4-whoAnCZA3iNVoAB4VOIAYeiAbABAbgBAw~CBwQBhgBIN4DKN4DMKoEOExo5ANwqQR41gKAASqIASqwAQG4AQM~CB4QChgBIN4DKN4DMPIEOJQBUOIDWK0EYOIDaK4EcO8EePsMgAHPCogBsRWwAQG4AQM~CCoQChgBIN8DKN8DMIQFOKUB~CBwQChgBIN8DKN8DMNsEOH1orgRw2AR44juAAbY5iAG9iAGwAQG4AQM~CBsQBhgBIN8DKN8DMPEEOJIB~CCgQBRgBIOUDKOUDMJoEODVo5wNwmQR4wASAAZQCiAHwBLABAbgBAw~CCgQChgBIOcDKOcDMMwEOGVo6ANwvAR4s4YCgAGHhAKIAfDsBLABAbgBAw~CCkQChgBIM4EKM4EMOUFOJcBUM8EWJ0FYM8EaJ4FcMoFeJyqAoAB8KcCiAGrzgawAQG4AQM~CBwQChgBIM8EKM8EMPQEOCVo0ARw8wR4gxuAAdcYiAGeP7ABAbgBAw~CAkQChgBINIEKNIEMPYEOCVo0gRw9gR43VSAAbFSiAGT2AGwAQG4AQM~CCcQChgBIPwEKPwEMK0FODFo_ARwpQV4k3mAAed2iAGKxQKwAQG4AQM~CBwQBRgBIP0EKP0EMKcFOCpo_wRwpAV4gAiAAdQFiAGWCbABAbgBAw~CCcQBRgBIMAFKMAFMPsFODpoywVw8gV490OAActBiAHqsgGwAQG4AQM~CB8QBRgBIPQFKPQFMLQGOEBo_gVwpgZ4grUBgAHWsgGIAZO8BLABAbgBAw~CCIQARgBIPUFKPUFMIIHOI4BUPcFWLcGYPcFaLcGcIIHeKwCsAEBuAED~CCgQChgBIP8IKP8IMKwJOC1o_whwpgl4yLsBgAGcuQGIAfDsA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D251 42 B
64 B 79ms
78ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPt6P6SJl1q8STolm3R5eK6pFzvVNBPtSe9gRelaAsNu-sjhT8FPf2T7dZ7mWIDXzO1185WB-WcltRPQbamtPdJ4h-qdzkqSoxi0bApZ6RBzC8Anda7NNVapzzQJeKOuVBHOvc1Q&sai=AMfl-YR7lLkFDx4sUhaGnhHlECjSqAZMIFCeBCrSYGhDq9Tf8roMbuJmoBV1tStxozV-mwL8fy8RgAmxHP1AwSA6gXxIVBevz1w6EHHOPC57Tpn5NcGebTVuvavopD4&sig=Cg0ArKJSzPqr82xIMvFuEAE&cid=CAASJORo7jaSwsByKtaLUapDJsELEHKVhqYCxKLmpFc285r9POXdVA&id=lidar2&mcvt=1000&p=950,0,1200,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2411272266&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656580771593&rpt=426&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
559 B 417ms
113ms Script
application/javascript 54.175.38.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1656580773045&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoiIiwiY2hhbm5lbF9pZCI6InN0YW5kYXJkX3BjXzR4MiIsInRpbWVfc2hvd19zZWNvbmRzIjoxLCJyZXF1ZXN0X2FkIjoxNSwiZG1mIjoibSIsInJlc3BvbnNlX2FkIjo5LCJzbWphZCI6MCwiYXBpX2hvc3QiOiJoay5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJvcmllbnRhbGRhaWx5Lm9uLmNjX2hrIiwidXJsIjoiaHR0cHM6Ly9vcmllbnRhbGRhaWx5Lm9uLmNjL2NvbnRlbnQvJUU3JTk0JUEyJUU3JUI2JTkzL29kbi0yMDIyMDYzMC0wNjMwXzAwMjAyXzAzNS8lRTYlQjglQTMlRTYlODklOTMlRTYlOTMlQUMlRTUlODYlOEQlRTYlOTUlQjQlRTUlOTAlODglRTUlOEQlQjAlRTUlQkElQTYlRTglQjIlQjglRTYlQUMlQkUiLCJsb2dpZCI6IjNlNmU4NjU4LWIyN2QtNDhjYS04N2Q0LTM3OTcxMDZmNmViOCIsInVpZCI6IjFmNTU2NWQ4ZDdjMjE4NDU1NzAxNjU2NTgwNzcxNzM0IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiZDU4NjIwZTctZGRmZi00ZDgzLWJlM2ItYWNlMmY5NDczZGQzIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6Iua4o%2BaJk%2BaTrOWGjeaVtOWQiOWNsOW6puiyuOasviIsInRkX3VybCI6Imh0dHBzOi8vb3JpZW50YWxkYWlseS5vbi5jYy9jb250ZW50LyVFNyU5NCVBMiVFNyVCNiU5My9vZG4tMjAyMjA2MzAtMDYzMF8wMDIwMl8wMzUvJUU2JUI4JUEzJUU2JTg5JTkzJUU2JTkzJUFDJUU1JTg2JThEJUU2JTk1JUI0JUU1JTkwJTg4JUU1JThEJUIwJUU1JUJBJUE2JUU4JUIyJUI4JUU2JUFDJUJFIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDMuMC41MDYwLjUzIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6Im9yaWVudGFsZGFpbHkub24uY2MiLCJ0ZF9wYXRoIjoiL2NvbnRlbnQvJUU3JTk0JUEyJUU3JUI2JTkzL29kbi0yMDIyMDYzMC0wNjMwXzAwMjAyXzAzNS8lRTYlQjglQTMlRTYlODklOTMlRTYlOTMlQUMlRTUlODYlOEQlRTYlOTUlQjQlRTUlOTAlODglRTUlOEQlQjAlRTUlQkElQTYlRTglQjIlQjglRTYlQUMlQkUiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiIsImNsaWVudF9pZCI6ImQ1ODYyMGU3LWRkZmYtNGQ4My1iZTNiLWFjZTJmOTQ3M2RkMyIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiLnlKLntpMiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback0

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.175.38.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-38-235.compute-1.amazonaws.com

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:19:33 GMT
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Content-Length: 89
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript

GET
H/1.1 200
OK logo.png
api.popin.cc/images/ 2 KB
3 KB 245ms
245ms Image
image/png 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.popin.cc/images/logo.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:19:33 GMT
Last-Modified: Tue, 02 Apr 2019 12:00:56 GMT
Server: nginx
ETag: "b10c5c3579ba2dba39fd2804188dc3f1"
X-Cache-Status: HIT from 10.252.55.25
x-amz-version-id: null
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2316
Expires: Thu, 30 Jun 2022 10:19:33 GMT

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 257ms
257ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoxLCJhcGlfaG9zdCI6ImhrLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Im9yaWVudGFsZGFpbHkub24uY2NfaGsiLCJ1cmwiOiJodHRwczovL29yaWVudGFsZGFpbHkub24uY2MvY29udGVudC8lRTclOTQlQTIlRTclQjYlOTMvb2RuLTIwMjIwNjMwLTA2MzBfMDAyMDJfMDM1LyVFNiVCOCVBMyVFNiU4OSU5MyVFNiU5MyVBQyVFNSU4NiU4RCVFNiU5NSVCNCVFNSU5MCU4OCVFNSU4RCVCMCVFNSVCQSVBNiVFOCVCMiVCOCVFNiVBQyVCRSIsInVpZCI6IjFmNTU2NWQ4ZDdjMjE4NDU1NzAxNjU2NTgwNzcxNzM0IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiZDU4NjIwZTctZGRmZi00ZDgzLWJlM2ItYWNlMmY5NDczZGQzIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IiIsInRkX3VybCI6Imh0dHBzOi8vb3JpZW50YWxkYWlseS5vbi5jYy9jb250ZW50LyVFNyU5NCVBMiVFNyVCNiU5My9vZG4tMjAyMjA2MzAtMDYzMF8wMDIwMl8wMzUvJUU2JUI4JUEzJUU2JTg5JTkzJUU2JTkzJUFDJUU1JTg2JThEJUU2JTk1JUI0JUU1JTkwJTg4JUU1JThEJUIwJUU1JUJBJUE2JUU4JUIyJUI4JUU2JUFDJUJFIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDMuMC41MDYwLjUzIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6Im9yaWVudGFsZGFpbHkub24uY2MiLCJ0ZF9wYXRoIjoiL2NvbnRlbnQvJUU3JTk0JUEyJUU3JUI2JTkzL29kbi0yMDIyMDYzMC0wNjMwXzAwMjAyXzAzNS8lRTYlQjglQTMlRTYlODklOTMlRTYlOTMlQUMlRTUlODYlOEQlRTYlOTUlQjQlRTUlOTAlODglRTUlOEQlQjAlRTUlQkElQTYlRTglQjIlQjglRTYlQUMlQkUiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDMuMC41MDYwIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6ImQ1ODYyMGU3LWRkZmYtNGQ4My1iZTNiLWFjZTJmOTQ3M2RkMyIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1656580773031
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:19:33 GMT
Last-Modified: Mon, 07 Jan 2019 09:48:08 GMT
Server: nginx/1.13.5
ETag: "5c332058-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK adlogs
log.popin.cc/log/popin_ads/ 66 B
347 B 258ms
256ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoiIiwiY2hhbm5lbF9pZCI6InN0YW5kYXJkX3BjXzR4MiIsInRpbWVfc2hvd19zZWNvbmRzIjoxLCJyZXF1ZXN0X2FkIjoxNSwiZG1mIjoibSIsInJlc3BvbnNlX2FkIjo5LCJzbWphZCI6MCwiYXBpX2hvc3QiOiJoay5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJvcmllbnRhbGRhaWx5Lm9uLmNjX2hrIiwidXJsIjoiaHR0cHM6Ly9vcmllbnRhbGRhaWx5Lm9uLmNjL2NvbnRlbnQvJUU3JTk0JUEyJUU3JUI2JTkzL29kbi0yMDIyMDYzMC0wNjMwXzAwMjAyXzAzNS8lRTYlQjglQTMlRTYlODklOTMlRTYlOTMlQUMlRTUlODYlOEQlRTYlOTUlQjQlRTUlOTAlODglRTUlOEQlQjAlRTUlQkElQTYlRTglQjIlQjglRTYlQUMlQkUiLCJsb2dpZCI6IjNlNmU4NjU4LWIyN2QtNDhjYS04N2Q0LTM3OTcxMDZmNmViOCIsInVpZCI6IjFmNTU2NWQ4ZDdjMjE4NDU1NzAxNjU2NTgwNzcxNzM0IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiZDU4NjIwZTctZGRmZi00ZDgzLWJlM2ItYWNlMmY5NDczZGQzIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6Iua4o+aJk+aTrOWGjeaVtOWQiOWNsOW6puiyuOasviIsInRkX3VybCI6Imh0dHBzOi8vb3JpZW50YWxkYWlseS5vbi5jYy9jb250ZW50LyVFNyU5NCVBMiVFNyVCNiU5My9vZG4tMjAyMjA2MzAtMDYzMF8wMDIwMl8wMzUvJUU2JUI4JUEzJUU2JTg5JTkzJUU2JTkzJUFDJUU1JTg2JThEJUU2JTk1JUI0JUU1JTkwJTg4JUU1JThEJUIwJUU1JUJBJUE2JUU4JUIyJUI4JUU2JUFDJUJFIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDMuMC41MDYwLjUzIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6Im9yaWVudGFsZGFpbHkub24uY2MiLCJ0ZF9wYXRoIjoiL2NvbnRlbnQvJUU3JTk0JUEyJUU3JUI2JTkzL29kbi0yMDIyMDYzMC0wNjMwXzAwMjAyXzAzNS8lRTYlQjglQTMlRTYlODklOTMlRTYlOTMlQUMlRTUlODYlOEQlRTYlOTUlQjQlRTUlOTAlODglRTUlOEQlQjAlRTUlQkElQTYlRTglQjIlQjglRTYlQUMlQkUiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDMuMC41MDYwIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6ImQ1ODYyMGU3LWRkZmYtNGQ4My1iZTNiLWFjZTJmOTQ3M2RkMyIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiLnlKLntpMiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1656580773047
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:19:33 GMT
Last-Modified: Thu, 13 Dec 2018 07:19:53 GMT
Server: nginx/1.13.5
ETag: "5c120819-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H2 200 s.gif
r.popin.cc/ 35 B
185 B 731ms
242ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&uid=1f5565d8d7c218455701656580771734&type=pc_pv&nid=pc&media=orientaldaily.on.cc_hk&r5=ca_%E7%94%A2%E7%B6%93|ch_cy_tw&t=1656580773047&tz=hk
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:33 GMT
last-modified: Thu, 16 Sep 2021 07:12:26 GMT
server: nginx
etag: "6142ee5a-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 258ms
257ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoiaGsucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoib3JpZW50YWxkYWlseS5vbi5jY19oayIsInVybCI6Imh0dHBzOi8vb3JpZW50YWxkYWlseS5vbi5jYy9jb250ZW50LyVFNyU5NCVBMiVFNyVCNiU5My9vZG4tMjAyMjA2MzAtMDYzMF8wMDIwMl8wMzUvJUU2JUI4JUEzJUU2JTg5JTkzJUU2JTkzJUFDJUU1JTg2JThEJUU2JTk1JUI0JUU1JTkwJTg4JUU1JThEJUIwJUU1JUJBJUE2JUU4JUIyJUI4JUU2JUFDJUJFIiwibG9naWQiOiIzZTZlODY1OC1iMjdkLTQ4Y2EtODdkNC0zNzk3MTA2ZjZlYjgiLCJ1aWQiOiIxZjU1NjVkOGQ3YzIxODQ1NTcwMTY1NjU4MDc3MTczNCIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6ImQ1ODYyMGU3LWRkZmYtNGQ4My1iZTNiLWFjZTJmOTQ3M2RkMyIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLmuKPmiZPmk6zlho3mlbTlkIjljbDluqbosrjmrL4iLCJ0ZF91cmwiOiJodHRwczovL29yaWVudGFsZGFpbHkub24uY2MvY29udGVudC8lRTclOTQlQTIlRTclQjYlOTMvb2RuLTIwMjIwNjMwLTA2MzBfMDAyMDJfMDM1LyVFNiVCOCVBMyVFNiU4OSU5MyVFNiU5MyVBQyVFNSU4NiU4RCVFNiU5NSVCNCVFNSU5MCU4OCVFNSU4RCVCMCVFNSVCQSVBNiVFOCVCMiVCOCVFNiVBQyVCRSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAzLjAuNTA2MC41MyBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJvcmllbnRhbGRhaWx5Lm9uLmNjIiwidGRfcGF0aCI6Ii9jb250ZW50LyVFNyU5NCVBMiVFNyVCNiU5My9vZG4tMjAyMjA2MzAtMDYzMF8wMDIwMl8wMzUvJUU2JUI4JUEzJUU2JTg5JTkzJUU2JTkzJUFDJUU1JTg2JThEJUU2JTk1JUI0JUU1JTkwJTg4JUU1JThEJUIwJUU1JUJBJUE2JUU4JUIyJUI4JUU2JUFDJUJFIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTAzLjAuNTA2MCIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiJkNTg2MjBlNy1kZGZmLTRkODMtYmUzYi1hY2UyZjk0NzNkZDMiLCJjb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImNhdGVnb3J5Ijoi55Si57aTIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1656580773047
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:19:33 GMT
Last-Modified: Thu, 13 Dec 2018 07:19:53 GMT
Server: nginx/1.13.5
ETag: "5c120819-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK other
inrecsys.popin.cc/PopinService/Logs/ 0
108 B 1050ms
262ms Image
text/plain 119.63.197.136
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJkNTg2MjBlNy1kZGZmLTRkODMtYmUzYi1hY2UyZjk0NzNkZDMiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5rij5omT5pOs5YaN5pW05ZCI5Y2w5bqm6LK45qy+IiwidGRfdXJsIjoiaHR0cHM6Ly9vcmllbnRhbGRhaWx5Lm9uLmNjL2NvbnRlbnQvJUU3JTk0JUEyJUU3JUI2JTkzL29kbi0yMDIyMDYzMC0wNjMwXzAwMjAyXzAzNS8lRTYlQjglQTMlRTYlODklOTMlRTYlOTMlQUMlRTUlODYlOEQlRTYlOTUlQjQlRTUlOTAlODglRTUlOEQlQjAlRTUlQkElQTYlRTglQjIlQjglRTYlQUMlQkUiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuNTMgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0Ijoib3JpZW50YWxkYWlseS5vbi5jYyIsInRkX3BhdGgiOiIvY29udGVudC8lRTclOTQlQTIlRTclQjYlOTMvb2RuLTIwMjIwNjMwLTA2MzBfMDAyMDJfMDM1LyVFNiVCOCVBMyVFNiU4OSU5MyVFNiU5MyVBQyVFNSU4NiU4RCVFNiU5NSVCNCVFNSU5MCU4OCVFNSU4RCVCMCVFNSVCQSVBNiVFOCVCMiVCOCVFNiVBQyVCRSIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiIxODUuMjEzLjE1NS4xNjUiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTAzLjAuNTA2MCIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJkaXNoX2NvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwia2V5Ijoia2V5MTY1NjU4MDc3MTczNSIsIm5vdyI6MTY1NjU4MDc3MzA0OCwiY2xpZW50X2lkIjoiZDU4NjIwZTctZGRmZi00ZDgzLWJlM2ItYWNlMmY5NDczZGQzIiwidXJsIjoiaHR0cHM6Ly9vcmllbnRhbGRhaWx5Lm9uLmNjL2NvbnRlbnQvJUU3JTk0JUEyJUU3JUI2JTkzL29kbi0yMDIyMDYzMC0wNjMwXzAwMjAyXzAzNS8lRTYlQjglQTMlRTYlODklOTMlRTYlOTMlQUMlRTUlODYlOEQlRTYlOTUlQjQlRTUlOTAlODglRTUlOEQlQjAlRTUlQkElQTYlRTglQjIlQjglRTYlQUMlQkUiLCJ1aWQiOiIxZjU1NjVkOGQ3YzIxODQ1NTcwMTY1NjU4MDc3MTczNCIsInNtaklkIjoiIiwiZGV2aWNlIjoicGMiLCJkaXNoX21lZGlhIjoib3JpZW50YWxkYWlseS5vbi5jY19oayIsImRpc2hfY2F0ZWdvcnkiOiLnlKLntpMiLCJkaXNoX2RvbWFpbiI6Im9yaWVudGFsZGFpbHkub24uY2MiLCJ2X2Rpc2hfbGFiZWxzIjoi5b635oSP5b+X6YqA6KGMLOWNsOW6puebp+avlCzmlLbosrvlhazot68s5rij5omT6YqA6KGMLOmgheebriznjrvnkoPlmajnmr8s5LiN6Imv6LK45qy+LOa2iOaBr+S6uuWjqyzos4fnlKLph43ntYQs5Zue5pS2546HLOW4s+aItizoqqrmmI7mlocs57i95YC8LOWHuuWUrizmpa3li5ks5YWs6LevLOiyt+WutizlgrXli5ks5YyF5ousLOWjk+WKmyzmlZ7lj6Ms5pep5YmNLOmbhuWcmCzpg6jliIYs54++6YeRLOioiOWKgyzliIbooYws5biz55uuLOaVtOeQhizpoJDku5gs5pys6YeRLOaOpeaJiyzmlrnlvI8s5YWs5Y+4LOWUruS6iCznq7bmqJks5pO05aSnLOWEn+mChCzpgoDoq4ss5pOs5Ye6LOeZvOWHuizloLHpgZMs5bCL5om+LOaMgee6jCzntYTlkIgs5byV6L+wIiwidl9kaXNoX3RsYWJlbHMiOiLljbDluqYs6LK45qy+LOa4o+aJkyzmlbTlkIgiLCJsb2dpZCI6IjNlNmU4NjU4LWIyN2QtNDhjYS04N2Q0LTM3OTcxMDZmNmViOCIsImFwaV9ob3N0IjoiaGsucG9waW4uY2MiLCJkb21haW4iOiJvcmllbnRhbGRhaWx5Lm9uLmNjIiwicG9waW5fdmVyc2lvbiI6Nn0=
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.63.197.136 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/plain

GET
H2 200 s.gif
r.popin.cc/ 35 B
185 B 731ms
243ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&uid=&type=pc_channel_pv&nid=pc&media=orientaldaily.on.cc_hk&r5=ca_%E7%94%A2%E7%B6%93|ch_standard_pc_4x2|ch_cy_tw&t=1656580773072&tz=hk
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:33 GMT
last-modified: Thu, 16 Sep 2021 07:12:26 GMT
server: nginx
etag: "6142ee5a-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 246ms
245ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJzdGFuZGFyZF9wY180eDIiLCJleHBlY3RlZF9hZCI6MywicmVuZGVyZWRfYWQiOjMsImFwaV9ob3N0IjoiaGsucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoib3JpZW50YWxkYWlseS5vbi5jY19oayIsInVybCI6Imh0dHBzOi8vb3JpZW50YWxkYWlseS5vbi5jYy9jb250ZW50LyVFNyU5NCVBMiVFNyVCNiU5My9vZG4tMjAyMjA2MzAtMDYzMF8wMDIwMl8wMzUvJUU2JUI4JUEzJUU2JTg5JTkzJUU2JTkzJUFDJUU1JTg2JThEJUU2JTk1JUI0JUU1JTkwJTg4JUU1JThEJUIwJUU1JUJBJUE2JUU4JUIyJUI4JUU2JUFDJUJFIiwibG9naWQiOiIzZTZlODY1OC1iMjdkLTQ4Y2EtODdkNC0zNzk3MTA2ZjZlYjgiLCJ1aWQiOiIxZjU1NjVkOGQ3YzIxODQ1NTcwMTY1NjU4MDc3MTczNCIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6ImQ1ODYyMGU3LWRkZmYtNGQ4My1iZTNiLWFjZTJmOTQ3M2RkMyIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLmuKPmiZPmk6zlho3mlbTlkIjljbDluqbosrjmrL4iLCJ0ZF91cmwiOiJodHRwczovL29yaWVudGFsZGFpbHkub24uY2MvY29udGVudC8lRTclOTQlQTIlRTclQjYlOTMvb2RuLTIwMjIwNjMwLTA2MzBfMDAyMDJfMDM1LyVFNiVCOCVBMyVFNiU4OSU5MyVFNiU5MyVBQyVFNSU4NiU4RCVFNiU5NSVCNCVFNSU5MCU4OCVFNSU4RCVCMCVFNSVCQSVBNiVFOCVCMiVCOCVFNiVBQyVCRSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAzLjAuNTA2MC41MyBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJvcmllbnRhbGRhaWx5Lm9uLmNjIiwidGRfcGF0aCI6Ii9jb250ZW50LyVFNyU5NCVBMiVFNyVCNiU5My9vZG4tMjAyMjA2MzAtMDYzMF8wMDIwMl8wMzUvJUU2JUI4JUEzJUU2JTg5JTkzJUU2JTkzJUFDJUU1JTg2JThEJUU2JTk1JUI0JUU1JTkwJTg4JUU1JThEJUIwJUU1JUJBJUE2JUU4JUIyJUI4JUU2JUFDJUJFIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTAzLjAuNTA2MCIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiJkNTg2MjBlNy1kZGZmLTRkODMtYmUzYi1hY2UyZjk0NzNkZDMiLCJjb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImNhdGVnb3J5Ijoi55Si57aTIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1656580773072
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:19:33 GMT
Last-Modified: Thu, 13 Dec 2018 07:19:53 GMT
Server: nginx/1.13.5
ETag: "5c120819-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H2 200 log.gif
r.popin.cc/ 35 B
185 B 559ms
243ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-tw&uid=1f5565d8d7c218455701656580771734&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&t=1656580773072
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:33 GMT
last-modified: Thu, 16 Sep 2021 07:12:26 GMT
server: nginx
etag: "6142ee5a-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FC0A 42 B
64 B 79ms
78ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssos5MhpjhohBzrs6nd_r8p0Y0ukHfOUE1hmU5WUUfISnq6l0A-8Mv07DL9INFYerwRFOIcbs46nesalOu8BPV1H2aMvl22MnHteByC5Ro09yAeWz68XUw8b9--pRkkGf0crWdQgw&sai=AMfl-YQ_ODjaYbTOUVTt_uhY6IKD67YeJ2sXcaF7zvuBZpIQM7JnUKWmmnO4zg0kQDiFx9tyu2phlgV_rUeQvIWPXHp692oa7fOOKvMMUw_Fu6hDlfX3ifg_ZTPOy_Y&sig=Cg0ArKJSzErP4tJFn9hREAE&cid=CAASJORoNKE_p85fenCDEyPpMpzukUAy6bAtuWlLojbEmz4xe8UJtQ&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=190292511&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656580771505&rpt=720&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ajs.php Show response
ad4.on.cc/web/www/delivery/ 1 KB
1 KB 247ms
246ms Script
text/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=834
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12bc2a7d3a8d9312b4c57ff96da70a1b5226092ef32924ce7c0fc72137322e6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Jun 2022 09:19:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
cf-ray: 7235d22938a5692b-FRA
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
55 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cc49410ee432f3b856aa90ef24fd7fa01c8097164a87a6d5da45e1f461408e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56409
x-xss-protection: 0
server: cafe
etag: 14173504073119944245
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 09:19:33 GMT

GET
H2 200 lg.php
ad4.on.cc/web/www/delivery/ 43 B
108 B 259ms
259ms Image
image/gif 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4.on.cc/web/www/delivery/lg.php?bannerid=6314&campaignid=3387&zoneid=834&loc=1&referer=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&cb=6de331b587
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:33 GMT
cf-cache-status: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
pragma: no-cache
last-modified: Thu, 30 Jun 2022 09:19:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
accept-ranges: bytes
cf-ray: 7235d22b6bae692b-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 50ms
50ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 49ms
48ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8D86 18 KB
9 KB 502ms
501ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3565501396&adf=356650500&pi=t.ma~as.6393984442&w=300&lmt=1656580773&psa=1&format=300x250&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580773656&bpp=2&bdt=7223&idt=2&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a6045127e940fb5%3AT%3D1656580769%3AS%3DALNI_MaKWkbLjd2cIdIMRVa0hUrCpoR9Gg&prev_fmts=0x0%2C728x90&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&psts=AGkb-H-E8KtuX9tnYDO0dEIVXKYMs8MpeiKpZ9Cg816LMBGbJHt5MLIotrhsddlLZYLOGbUUue4aiNoZwrwXkPMq&pvsid=203634787387024&tmod=1126593315&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=OZul6jj5kC&p=https%3A//orientaldaily.on.cc&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e24c6b826387497797006470ae32b9aebd25b9fe98231c577041a6ee0cdf5e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 9345
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:19:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D251 0
26 B 69ms
68ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuq8mVhORoCH3-bg8PYgHZwFo_m3bIXLDhkngNa2kPDNJY90UISD07LiXD36sq0xpS621IAsbV22cnWzzEusHS3U41gHo-Cqqn_q_nwNDaUdCOAJKqGnVua7-4-Dl7pgg_AZ5rUyFxeIiz8jDnXz1u9QEWeEPKyWd42pgTZfcX8eTkuaFOLNgW48fIl2O_cOAMDtTVlzQ24OPXj4pZcQgYb06G0tQ-OV9Ay6_EurkrDlUKgY8j3qWLvrHRRC_OfixYgFKw5gR8ainVyLzN6xmMs_-dboQ_SWGYxKl0CizAo51kzFoYKOIEyb0WmS0WnhAHg1kUFHyS-tfUZEgFiIK09v3yNJA3maRTtf_zMEqLEXPqvWJ1pDuazuDFy889OodBGKd3o16wCLpWpa8ZSrECYB20J747AHXnpd_7NkrugE4j5bC1IIsg218fkybWZkFF1-tekSdmjn_3Ug6VhsXVlI3SGCwVznUD-4Q2GXbvOclt0QVUZpglzBVVtnws2tYUcU_fPTIWCSWMs9AkpBiMtH3muH9-rn-Khej8DjEKY1ZvUwiXHwpj4UC1YtlSGYduPyHHTC2tsJ3etZ1078_oQTjoYQ6J-UF9Xo3Y_ThSEkP9krcyjc-i2s6KFxmycpG3doYi1WxnaCQZbbKLECtAo420TIY3X7Un0e10cxECCd35WdHD5Av9JBXppdEoCl9j788naZoS8UwlyQNvZnrqZNTdCTuXlvuxdQaTyeHJStklwhDA5r1VgsVuJiBPpCPVviGONIIwbN9qDkZCvxJy7Ex05bjcTc_e74nRupPcmhpTWBc6zzAbSaKxilc4bbP5FGyqmY-3RE2Vwha6Aizh06AQdLiKUZ1Qau8pbb6bpqEZBHmi6WKl0t1RaqiM-0K97DVzDbhJx8QvGrSGQW9xofXSAUK7-VGIM3RhIpoIu8LnmJOsrVsGvzbKiGDalVXo9wUXjrxSr8muDnecWxe6mWU5Kd2RuVAAc3ZLh3cpOEJnAVEbX9xMSbBEjA8zchiKogNBiOttzCADMuKhk_e8hDSJmKHHu2HrdLGp9j5crYJmunAgcMlnCn-vCP1T25syQOyvA3aHFFTLCKOBXXmc69_ycnEfeoIGcgExL2O9ZmiJbfMtEUTkmZ2-FB6an2NoTY6EjBh3a1ZupO-_qi2tqkabZ3j-eZ6PD0f8vIrl03WyPS1mGY0RrcLQgD8u9oxo8wRVc_KXOgaewYqsAYzrcGZxfZ4753a13olI&sai=AMfl-YSARPhxRsbB9HleEnWRSLjfugNq6g15F-XJOByt4b7hx1pINJpLBiY6-v40k84L5nzG-NXxCDpwDJhdUlFOtCPGW5JEA1NsZ8pQATqzFduKJmD_QP6HiG39eJhe2ko8SnkUFVuuLjsmyOMLc3yM9FyMGx72cNN5fr4iRzoUQf2FuGlhPJlpTTM-ya9Pau1f5U0WbLuXOuhTk-xhkuWaBw&sig=Cg0ArKJSzF5s1XfFiobQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1831&vt=11&dtpt=1625&dett=3&cstd=204&cisv=r20220628.90094&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame D251 62 KB
23 KB 39ms
38ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: 167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com
URL: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ed589f2773c7f62a29c7691a961a85c95ac374c666dec2d6eb6a1abd0350a65e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 863
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23708
x-xss-protection: 0
server: cafe
etag: 12776144751522492165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 10:05:10 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame D251 0
17 B 65ms
65ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l50tf5ob&chm=1&c=203634787387024&ctx=2&qqid=CPGnpKPs1PgCFaWdewod8YsLdA&met.4=fb.4h~lb.c0~cmrload.d0~ol.1mp~idt.yg~dt.-v0&met.3=736.c1~735.c9_1~740.ca_1~374.f5~734.13u_2~735.155_1~113.1o2_1~112.1o2_2&met.1=1.l50tf409~6.r~7.s~8.s~9.s~10.31~11.s~12.31~13.45~14.46~15.47~16.c7~17.c7~18.c7~19.1mo~20.1mp~21.1mp~22.c7~23.c7&met.7=CBsQCBgBKBswlgE4wRBAHEgcUBxYbWAcaG1wlQF40BqAAaQYiAHOL7ABAbgBAw~CCgQBRgBIKMBKKMBMNcBODRopAFw1gF4wASAAZQCiAHwBLABAbgBAw~CCgQChgBIKQBKKQBMJMCOG9opQFw_wF48oQCgAHGggKIAfzkBLABAbgBAw~CBwQBhgBIKUBKKUBMOsBOEZopgFw6gF41gKAASqIASqwAQG4AQM~CB4QChgBIKUBKKUBMMACOJsBaIcCcL8CePsMgAHPCogBsRWwAQG4AQM~CCoQChgBIKUBKKUBMIkDOOQB~CBwQChgBIKUBKKUBML8COJoBQKYBSKYBUKYBWP0BYMoBaIcCcLQCeLk7gAGNOYgB5YcBsAEBuAED~CCkQChgBIJcCKJcCMNsDOMUBQJ0CSJ4CUJ4CWIcDYMECaIsDcLADeJyqAoAB8KcCiAGrzgawAQG4AQM~CBwQChgBIJcCKJcCMMQCOCxonQJwwgJ4gxuAAdcYiAGeP7ABAbgBAw~CAkQChgBIJsCKJsCMMQCOClongJwwwJ43VSAAbFSiAGT2AGwAQG4AQM~CCcQChgBIJUDKJUDMJcEOIIBaNYDcPsDeJN5gAHndogBisUCsAEBuAED~CBwQBRgBIJYDKJYDMMEDOCtolwNwwAN4gAiAAdQFiAGWCbABAbgBAw~CB8QBRgBIOYDKOYDMPEEOIsBUO4DWMAEYO4DaMEEcOsEeLINgAGGC4gBrh-wAQG4AQM~CCIQARgBIOgDKOgDMJIFOKoBQOkDSPgDUPgDWMAEYJcEaMQEcJEFeKwCsAEBuAED~CCcQBRgBIKAEKKAEMMkEOClooQRwxwR490OAActBiAHqsgGwAQG4AQM~CCAQBBgBIJwLKJwLMOwLOFBonQtw6wt41gKAASqIASqwAQG4AQM~CCgQChgBIMMQKMMQMPAQOC1owxBw6hB4yLsBgAGcuQGIAfDsA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D86 42 B
63 B 69ms
69ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BZ-gNVnO5SLmlxot5WYaKfEEKiyIV6d07M-MTGvUZN6_KdklH6mPsuoUyJdcSb4PBW1nKGvPbAhbCjAr42zgLXE9ghw0w8w0rYnz103svRLlB9H7Y

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3565501396&adf=356650500&pi=t.ma~as.6393984442&w=300&lmt=1656580773&psa=1&format=300x250&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580773656&bpp=2&bdt=7223&idt=2&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a6045127e940fb5%3AT%3D1656580769%3AS%3DALNI_MaKWkbLjd2cIdIMRVa0hUrCpoR9Gg&prev_fmts=0x0%2C728x90&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&psts=AGkb-H-E8KtuX9tnYDO0dEIVXKYMs8MpeiKpZ9Cg816LMBGbJHt5MLIotrhsddlLZYLOGbUUue4aiNoZwrwXkPMq&pvsid=203634787387024&tmod=1126593315&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=OZul6jj5kC&p=https%3A//orientaldaily.on.cc&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 8D86 3 KB
1 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:14:23 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D86 138 KB
42 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 09:19:34 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 8D86 17 KB
7 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:11:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8D86 0
0 44ms
44ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0Sw7FM4cXavf_Rh1ftHUNb-cOjURy18j-2xALLAM2pNJwhHgZGm6VTgcbk9pfsPBOcVoK36Bf2WtCdZBpz4ZeJjObCg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3565501396&adf=356650500&pi=t.ma~as.6393984442&w=300&lmt=1656580773&psa=1&format=300x250&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580773656&bpp=2&bdt=7223&idt=2&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a6045127e940fb5%3AT%3D1656580769%3AS%3DALNI_MaKWkbLjd2cIdIMRVa0hUrCpoR9Gg&prev_fmts=0x0%2C728x90&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&psts=AGkb-H-E8KtuX9tnYDO0dEIVXKYMs8MpeiKpZ9Cg816LMBGbJHt5MLIotrhsddlLZYLOGbUUue4aiNoZwrwXkPMq&pvsid=203634787387024&tmod=1126593315&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=OZul6jj5kC&p=https%3A//orientaldaily.on.cc&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A32C 640 B
316 B 51ms
50ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYu8ejzAEwAQ&v=APEucNVHwAQ5ujHrLdjBtN8Vnmaztupiy-VED3jDsjxAlCO-LhuXSn_hs4AkfCl-T23-Y4JrOcbItVP9pGyZTG1nV5VuTvEJY92LKbJp6upertGg0P3qR1H45XH82I-9haqLzxRaWaMtQJ21sI8X5Kg5GGPYHekviuFfgU7dpQOfov7XgOqa_S0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3565501396&adf=356650500&pi=t.ma~as.6393984442&w=300&lmt=1656580773&psa=1&format=300x250&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580773656&bpp=2&bdt=7223&idt=2&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a6045127e940fb5%3AT%3D1656580769%3AS%3DALNI_MaKWkbLjd2cIdIMRVa0hUrCpoR9Gg&prev_fmts=0x0%2C728x90&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&psts=AGkb-H-E8KtuX9tnYDO0dEIVXKYMs8MpeiKpZ9Cg816LMBGbJHt5MLIotrhsddlLZYLOGbUUue4aiNoZwrwXkPMq&pvsid=203634787387024&tmod=1126593315&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=OZul6jj5kC&p=https%3A//orientaldaily.on.cc&dtd=12
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:19:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8D86 92 KB
36 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRuwGB40994zYR9q8jAz5k_GcuI9Ncd_Co_bPtU2rtjE9BHMORwEd4GHHEEVh28fqe4Z-_vGwzHIO279EU_AytGW1BwM9W997f2S_3WLdBJP-RC8Z0hHvjacSfiONZ11ZYrLVV-MfvZejMymKAyrxDwXky6g&dbm_d=AKAmf-Cpw2_j03lY2xLHLqrcm_t6pJnQ_JVmHzVAL5pXSidg7kOZPbrDzaGp9bIcq0mfbEuFdIlxLVQ5rJASNrI03F0Sd5miakyT993RiZcP0RdB5xrnjnpU2cbW4T8yRYfaaAuAMAtU3vlrjA_Mlqge2pvi_eQGuDgh4tUSmzEHeZ9h_I8U4ZqRQ0qSEzn1Kajghrke1W8A9HQkprj9yc7vTRwSDhaKVJ_hwimYsAQAurlhMrzyJ4V0c0QIPuDE9Dpw--_dC0QRGToynkydSDCnZUjevtYIM5O72GcspzAqnyd2XxBMC7xEi00fHXkEhACN9pCAoKE-3ndJsYChSUyolcvZwpj0KbNOqwbufdWCdn0vkHgQp_zdZJFJ2oYmRqtPnu3SLCn4GC40sPCzAeYYUC9jX5fqxIvIiH_xvwzJYscBHqb8RCzhlAW-g9xLjJwJLPuC7IQp5dBzk2ZpS7U40zqdWFMk2VcnWCC8e7LSVteRud252zriIdQwgi3LBAgJIvqPlOCL5OBON38qzImKVM7zLbpEPEMPCnSgyITyboyvqvkezgamc4_QFr4UeQy_R8dvkldCJqN44O2Li0zL4TbI5yEONp78QxW5EZrOO8dGiM73dHx07Q8BiqscYq3htukHu8RM_1LQ2C0jfituPnSSlX8UGoS_MHQzQgzDTNTBvIiXcBqiOk-ooibfFkSnF2u1evT0rP4Mmtq63IK7o3fpVGNLXmZwdB1WkkmTHdSrAtzE6lttWO_nCgTp3EkYRrHSGlR-NMRcwyfMx7JIY2rr8v7AxuP2vWEeHkzaPsoyEEWkCt8eKafWMzSD0VC1c3ZLJjlzJyPkkJGTSCpHl7Yb8HIwYrtpaJnoJn1WG2SQ4kiK5ZDOtyyQDoYnvAotAGkp9wUFVFptgb3Omu4vAjVmwQkEWlUZt1E7_ne8dymxSQXhXeWx-OtFM1mFq4FToFTDexqhFyEBfuGTWqDC2VUjJKmMZrAuiFrrKWYFNJNiiVX7fcXj_upfOMb9NbGvom6uTZz-Qcd8ta-q1X0mdq3xNeisdrKCUwacslISaRtVOu8gSDEnm24cx7o1Vu9OTB7jkuWvoyRXsSbtOiNMouok1YQPnRNE0SjcXJcirYjoAT800oiplLzZzDSBEVnMSPOyycVryy7bL3hEDWz5hfvHmDouvwE50wZV1lbhBdzSbtLoa6etzVwv8fZQs13E_ljmow1tDMjJdnTi5Moy1-EkfLPu5zzwIoHIPWc9NXthGhMgcx4jigGpbuHu_4ce4SsRaxsSrk5xKpTJ8RV3RoICpoZJdVhsFNaHsCgbYU2Ym9QlL1USYmM_qScPAAgAhjDAmfFA5XnjzvT-zGH_Xl8QhVZkU9fzNp5yfXIrZQCyjzQYVAgjH7NvxqFw2f2RkddhiYfgrvu_D0LPs5y5SSlYe-veZHE37UkoHjdaUCKGvAz2R-f2Li56SMe0Jj0clb9fhaeA1dfuFud5TK9_hACwB-6b-A9s_74IDO8tS4jdo6UDPYB4BxFfmb5UbuVUcuyApMI_YLL53HGizhye9aED468mK_C13ILG3caaEmvbLBDPK1t0nxjkuUYaT5CnGmGCrLzu8dmxTqqq08bR-uzfQUAZDO8QplS-1jhY-szH5l66U771iFVi5VaqGWkFViXDSR_zILg8yKGhVLl1X7aBjjAm1YBYrD92GJwZuUzaTxZz_cF2zRBLt4GHRktmfKQO9UeDUFDGVG83-EIXC0SwHIgZQhp5wRg0Y0VztuNlJYPw_PjOu_srkB58qcCIRW3NnKxUNKLyuNNkdBUqXMyx7C-rPBZorbvVIEdhDIOYdQxaI7CLw_l77lGll_KutRmik1Afo-3BC5LUF_I-9cZEf3tdOFPIi_eeSIjzlSHxharf5IuGJUA2z0ce4Sr3RZbSFkxScN8cE-2hdCNW-7ZslivP0zERcsA2E-i5ZDtpsP_YzkxSmaydVfgPyQoP-vOuHpGxKemLLO9slYL9t9o2GLPj7qNxG4GkT-361C7VKGGWJ5ExBprpYdP5QnUb1VHT8W3SmWykqiQuM2J1-ILgS23HLX-eCQNKTVKGbMFe2hKLHvkBTPukfBevKvehsA61GBwqDPqa92_pCbUyD9xA9iEbz82c3eBxpD7olGwTTTChPLqtIB-nRlykOdZyBekg0u3GyGpnLp45L6aCLajcBFU-gC2VhklRvtKqDQx96fENPwUe8fmHtTscyfo91GbF6dtl691rbjSNWbe0Nm7RDN5oKiWIM9M6-EFTRr9kgrVxghk3wIrHkrXcOcILKiARVEGMOwJfcsdkocrR1XYg-L_xvst9GBvhb2nSYv8eED5Nc-Jl24jzG5m7Q1dF7du8CbZh9RfWdVX7kZ9H7vIdXxDgcLJE0RDLafPAWnODSlvB8o1-uL8uEtdR2ckWfpbY6SzSwIvsougydb1UsxvF-cOAHOAeP_-Rxd2_EzWj5oNEsNBtTB8Vl-Xx3c2KHHeGqVPIoereA9aLRe7I862gQhwMbw-6tl9GJRqJwd7Y2u4n_cTntahD3I8igxJr7roFqzyGh_qQe5MnqlpXWZ38EXZpVSijqjpqVyfkAaoIn8KI9noyM72jB5DjJnGf6BIHHlnDOQRdtYUYtAkAwZ4rwqAOT1ek1zt5Avc6ZtKi7YUfzTA_JmHcmh65Po7yzgPo1xY9V2FDyEoeQgOribaJx5hX9u4LXszwqgpm5XnzepIduKlCmtGj5ixhbRNNz48qad63yLO92mg8GiFQ8ccxgE6HwfOkzFP5JXZHmlym7uwjLySvxgc9b3NiDk2a7TVvj7zpwVrEH6SwL2saqm_yBg-ChyfwjAHDV3UGFqqL4KJrKFejjK6DPiRNCGKMqlNjI1AloN_oUsmdE-5yc9TLcembiyAfAxHcAAjUvFMni9UbDiueM5WQzlATCGFPerlNyFSZn_Vmk-8vIb-OhVyF-izs42ZJfBlT8nIyZbPT__j_VToDq7B4H-3yfsu6PMxJqurRkBPUpubRUsDzaX_yfLP4S_6xluz-OOn_XE74Ps2ukAl7NWwVpXYVbBTlQbBSAUu2XiQxNOTubieeCxiWLqumnrlXNLeDtOdTQgI1WWNlvb2vZdKkk4wt-YIE-AV9lH9Zr6mm5bfEwlz7cHpEBUhDDVqrjejGg9q10-GDSTj4HRlqUH_hP4WpzEOoRabfOsYZU3PwZcRE00ox9cR5IHtytefOUefu9vXxkt6vn1rcticqCm8GNMa2kOy-HA843X4trYceHpsDENKF2pXQVPklGuJbTtxTNJ4W7pwI9tgsxdlaqNcjaV66eagm5LE427BdRZfRwuEOFSUiJunTp46Z-w&cid=CAASJORoq-kvHtbipGYyLFZgXhfq6AAPhX6e9znduIUpEekHV38A-w&rfl=1%2Chttps%253A%252F%252Forientaldaily.on.cc%252Fcontent%252F%2525E7%252594%2525A2%2525E7%2525B6%252593%252Fodn-20220630-0630_00202_035%252F%2525E6%2525B8%2525A3%2525E6%252589%252593%2525E6%252593%2525AC%2525E5%252586%25258D%2525E6%252595%2525B4%2525E5%252590%252588%2525E5%25258D%2525B0%2525E5%2525BA%2525A6%2525E8%2525B2%2525B8%2525E6%2525AC%2525BE%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ba85131af42d7740dca489997e5adc1b256163aa7f5c99a20ab5fa830eee7eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3565501396&adf=356650500&pi=t.ma~as.6393984442&w=300&lmt=1656580773&psa=1&format=300x250&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580773656&bpp=2&bdt=7223&idt=2&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a6045127e940fb5%3AT%3D1656580769%3AS%3DALNI_MaKWkbLjd2cIdIMRVa0hUrCpoR9Gg&prev_fmts=0x0%2C728x90&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&psts=AGkb-H-E8KtuX9tnYDO0dEIVXKYMs8MpeiKpZ9Cg816LMBGbJHt5MLIotrhsddlLZYLOGbUUue4aiNoZwrwXkPMq&pvsid=203634787387024&tmod=1126593315&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=OZul6jj5kC&p=https%3A//orientaldaily.on.cc&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36992
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A32C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMpwUNUSYJ_JWBfihedb89I&google_cver=1

43 B
114 B

28ms
28ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMpwUNUSYJ_JWBfihedb89I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYu8ejzAEwAQ&v=APEucNVHwAQ5ujHrLdjBtN8Vnmaztupiy-VED3jDsjxAlCO-LhuXSn_hs4AkfCl-T23-Y4JrOcbItVP9pGyZTG1nV5VuTvEJY92LKbJp6upertGg0P3qR1H45XH82I-9haqLzxRaWaMtQJ21sI8X5Kg5GGPYHekviuFfgU7dpQOfov7XgOqa_S0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:34 GMT
via: 1.1 google
server: OXGW/7f1e280
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMpwUNUSYJ_JWBfihedb89I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame A32C 43 B
306 B 59ms
28ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYu8ejzAEwAQ&v=APEucNVHwAQ5ujHrLdjBtN8Vnmaztupiy-VED3jDsjxAlCO-LhuXSn_hs4AkfCl-T23-Y4JrOcbItVP9pGyZTG1nV5VuTvEJY92LKbJp6upertGg0P3qR1H45XH82I-9haqLzxRaWaMtQJ21sI8X5Kg5GGPYHekviuFfgU7dpQOfov7XgOqa_S0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:34 GMT
content-encoding: gzip
server: OXGW/7f1e280
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame A32C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEJxzrtHUn8e6Km-CDdhsnS8&google_cver=1

23 B
172 B

32ms
32ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEJxzrtHUn8e6Km-CDdhsnS8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYu8ejzAEwAQ&v=APEucNVHwAQ5ujHrLdjBtN8Vnmaztupiy-VED3jDsjxAlCO-LhuXSn_hs4AkfCl-T23-Y4JrOcbItVP9pGyZTG1nV5VuTvEJY92LKbJp6upertGg0P3qR1H45XH82I-9haqLzxRaWaMtQJ21sI8X5Kg5GGPYHekviuFfgU7dpQOfov7XgOqa_S0
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:34 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 30 Jun 2022 09:19:34 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEJxzrtHUn8e6Km-CDdhsnS8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame A32C 23 B
172 B 55ms
33ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYu8ejzAEwAQ&v=APEucNVHwAQ5ujHrLdjBtN8Vnmaztupiy-VED3jDsjxAlCO-LhuXSn_hs4AkfCl-T23-Y4JrOcbItVP9pGyZTG1nV5VuTvEJY92LKbJp6upertGg0P3qR1H45XH82I-9haqLzxRaWaMtQJ21sI8X5Kg5GGPYHekviuFfgU7dpQOfov7XgOqa_S0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:34 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 30 Jun 2022 09:19:34 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1034476/63675810/ Frame 8D86 234 KB
71 KB 106ms
30ms Script
application/javascript 54.246.237.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1034476/63675810/skeleton.js?ias_dspID=3&ias_campId=29059254&ias_pubId=pub-3571272074788370&ias_chanId=1&ias_placementId=17482479250&bidurl=https://orientaldaily.on.cc/content/%25E7%2594%25A2%25E7%25B6%2593/odn-20220630-0630_00202_035/%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jONqHUJRh4gXqgGcNWqbsH
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.237.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-237-93.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b21fb01bda0d2bb50a6ce7b626741aaade4325e13172db17d42d562c18b1b7c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:34 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 8D86 170 KB
59 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 12:00:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76760
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Jun 2022 12:00:14 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/elements/html/ Frame 8D86 8 KB
3 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRuwGB40994zYR9q8jAz5k_GcuI9Ncd_Co_bPtU2rtjE9BHMORwEd4GHHEEVh28fqe4Z-_vGwzHIO279EU_AytGW1BwM9W997f2S_3WLdBJP-RC8Z0hHvjacSfiONZ11ZYrLVV-MfvZejMymKAyrxDwXky6g&dbm_d=AKAmf-Cpw2_j03lY2xLHLqrcm_t6pJnQ_JVmHzVAL5pXSidg7kOZPbrDzaGp9bIcq0mfbEuFdIlxLVQ5rJASNrI03F0Sd5miakyT993RiZcP0RdB5xrnjnpU2cbW4T8yRYfaaAuAMAtU3vlrjA_Mlqge2pvi_eQGuDgh4tUSmzEHeZ9h_I8U4ZqRQ0qSEzn1Kajghrke1W8A9HQkprj9yc7vTRwSDhaKVJ_hwimYsAQAurlhMrzyJ4V0c0QIPuDE9Dpw--_dC0QRGToynkydSDCnZUjevtYIM5O72GcspzAqnyd2XxBMC7xEi00fHXkEhACN9pCAoKE-3ndJsYChSUyolcvZwpj0KbNOqwbufdWCdn0vkHgQp_zdZJFJ2oYmRqtPnu3SLCn4GC40sPCzAeYYUC9jX5fqxIvIiH_xvwzJYscBHqb8RCzhlAW-g9xLjJwJLPuC7IQp5dBzk2ZpS7U40zqdWFMk2VcnWCC8e7LSVteRud252zriIdQwgi3LBAgJIvqPlOCL5OBON38qzImKVM7zLbpEPEMPCnSgyITyboyvqvkezgamc4_QFr4UeQy_R8dvkldCJqN44O2Li0zL4TbI5yEONp78QxW5EZrOO8dGiM73dHx07Q8BiqscYq3htukHu8RM_1LQ2C0jfituPnSSlX8UGoS_MHQzQgzDTNTBvIiXcBqiOk-ooibfFkSnF2u1evT0rP4Mmtq63IK7o3fpVGNLXmZwdB1WkkmTHdSrAtzE6lttWO_nCgTp3EkYRrHSGlR-NMRcwyfMx7JIY2rr8v7AxuP2vWEeHkzaPsoyEEWkCt8eKafWMzSD0VC1c3ZLJjlzJyPkkJGTSCpHl7Yb8HIwYrtpaJnoJn1WG2SQ4kiK5ZDOtyyQDoYnvAotAGkp9wUFVFptgb3Omu4vAjVmwQkEWlUZt1E7_ne8dymxSQXhXeWx-OtFM1mFq4FToFTDexqhFyEBfuGTWqDC2VUjJKmMZrAuiFrrKWYFNJNiiVX7fcXj_upfOMb9NbGvom6uTZz-Qcd8ta-q1X0mdq3xNeisdrKCUwacslISaRtVOu8gSDEnm24cx7o1Vu9OTB7jkuWvoyRXsSbtOiNMouok1YQPnRNE0SjcXJcirYjoAT800oiplLzZzDSBEVnMSPOyycVryy7bL3hEDWz5hfvHmDouvwE50wZV1lbhBdzSbtLoa6etzVwv8fZQs13E_ljmow1tDMjJdnTi5Moy1-EkfLPu5zzwIoHIPWc9NXthGhMgcx4jigGpbuHu_4ce4SsRaxsSrk5xKpTJ8RV3RoICpoZJdVhsFNaHsCgbYU2Ym9QlL1USYmM_qScPAAgAhjDAmfFA5XnjzvT-zGH_Xl8QhVZkU9fzNp5yfXIrZQCyjzQYVAgjH7NvxqFw2f2RkddhiYfgrvu_D0LPs5y5SSlYe-veZHE37UkoHjdaUCKGvAz2R-f2Li56SMe0Jj0clb9fhaeA1dfuFud5TK9_hACwB-6b-A9s_74IDO8tS4jdo6UDPYB4BxFfmb5UbuVUcuyApMI_YLL53HGizhye9aED468mK_C13ILG3caaEmvbLBDPK1t0nxjkuUYaT5CnGmGCrLzu8dmxTqqq08bR-uzfQUAZDO8QplS-1jhY-szH5l66U771iFVi5VaqGWkFViXDSR_zILg8yKGhVLl1X7aBjjAm1YBYrD92GJwZuUzaTxZz_cF2zRBLt4GHRktmfKQO9UeDUFDGVG83-EIXC0SwHIgZQhp5wRg0Y0VztuNlJYPw_PjOu_srkB58qcCIRW3NnKxUNKLyuNNkdBUqXMyx7C-rPBZorbvVIEdhDIOYdQxaI7CLw_l77lGll_KutRmik1Afo-3BC5LUF_I-9cZEf3tdOFPIi_eeSIjzlSHxharf5IuGJUA2z0ce4Sr3RZbSFkxScN8cE-2hdCNW-7ZslivP0zERcsA2E-i5ZDtpsP_YzkxSmaydVfgPyQoP-vOuHpGxKemLLO9slYL9t9o2GLPj7qNxG4GkT-361C7VKGGWJ5ExBprpYdP5QnUb1VHT8W3SmWykqiQuM2J1-ILgS23HLX-eCQNKTVKGbMFe2hKLHvkBTPukfBevKvehsA61GBwqDPqa92_pCbUyD9xA9iEbz82c3eBxpD7olGwTTTChPLqtIB-nRlykOdZyBekg0u3GyGpnLp45L6aCLajcBFU-gC2VhklRvtKqDQx96fENPwUe8fmHtTscyfo91GbF6dtl691rbjSNWbe0Nm7RDN5oKiWIM9M6-EFTRr9kgrVxghk3wIrHkrXcOcILKiARVEGMOwJfcsdkocrR1XYg-L_xvst9GBvhb2nSYv8eED5Nc-Jl24jzG5m7Q1dF7du8CbZh9RfWdVX7kZ9H7vIdXxDgcLJE0RDLafPAWnODSlvB8o1-uL8uEtdR2ckWfpbY6SzSwIvsougydb1UsxvF-cOAHOAeP_-Rxd2_EzWj5oNEsNBtTB8Vl-Xx3c2KHHeGqVPIoereA9aLRe7I862gQhwMbw-6tl9GJRqJwd7Y2u4n_cTntahD3I8igxJr7roFqzyGh_qQe5MnqlpXWZ38EXZpVSijqjpqVyfkAaoIn8KI9noyM72jB5DjJnGf6BIHHlnDOQRdtYUYtAkAwZ4rwqAOT1ek1zt5Avc6ZtKi7YUfzTA_JmHcmh65Po7yzgPo1xY9V2FDyEoeQgOribaJx5hX9u4LXszwqgpm5XnzepIduKlCmtGj5ixhbRNNz48qad63yLO92mg8GiFQ8ccxgE6HwfOkzFP5JXZHmlym7uwjLySvxgc9b3NiDk2a7TVvj7zpwVrEH6SwL2saqm_yBg-ChyfwjAHDV3UGFqqL4KJrKFejjK6DPiRNCGKMqlNjI1AloN_oUsmdE-5yc9TLcembiyAfAxHcAAjUvFMni9UbDiueM5WQzlATCGFPerlNyFSZn_Vmk-8vIb-OhVyF-izs42ZJfBlT8nIyZbPT__j_VToDq7B4H-3yfsu6PMxJqurRkBPUpubRUsDzaX_yfLP4S_6xluz-OOn_XE74Ps2ukAl7NWwVpXYVbBTlQbBSAUu2XiQxNOTubieeCxiWLqumnrlXNLeDtOdTQgI1WWNlvb2vZdKkk4wt-YIE-AV9lH9Zr6mm5bfEwlz7cHpEBUhDDVqrjejGg9q10-GDSTj4HRlqUH_hP4WpzEOoRabfOsYZU3PwZcRE00ox9cR5IHtytefOUefu9vXxkt6vn1rcticqCm8GNMa2kOy-HA843X4trYceHpsDENKF2pXQVPklGuJbTtxTNJ4W7pwI9tgsxdlaqNcjaV66eagm5LE427BdRZfRwuEOFSUiJunTp46Z-w&cid=CAASJORoq-kvHtbipGYyLFZgXhfq6AAPhX6e9znduIUpEekHV38A-w&rfl=1%2Chttps%253A%252F%252Forientaldaily.on.cc%252Fcontent%252F%2525E7%252594%2525A2%2525E7%2525B6%252593%252Fodn-20220630-0630_00202_035%252F%2525E6%2525B8%2525A3%2525E6%252589%252593%2525E6%252593%2525AC%2525E5%252586%25258D%2525E6%252595%2525B4%2525E5%252590%252588%2525E5%25258D%2525B0%2525E5%2525BA%2525A6%2525E8%2525B2%2525B8%2525E6%2525AC%2525BE%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:14:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:14:34 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/ Frame 8D86 27 KB
10 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:13:13 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8D86 41 KB
15 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 09:09:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5657 1 KB
749 B 37ms
36ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12350
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Fri, 01 Jul 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8D86 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 447bcc77c4e96b5acf7ef62a9c67593cc3a229250facf0ebd1eb5573f7911893

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/18323139811780221838/ Frame 67EE 102 KB
25 KB 47ms
47ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18323139811780221838/index.html?e=69&leftOffset=0&topOffset=0&c=GxSKnmnSrd&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bb9742051b029706b3534865cf015f63a963ec093de84618c80feb3f96cbbf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:19:34 GMT
expires: Fri, 30 Jun 2023 09:19:34 GMT
last-modified: Tue, 07 Jun 2022 13:05:20 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8D86 0
27 B 78ms
77ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsusZu7fPAdASIMIgcKnf_shGOEyiuNHPT8AO6xFMJg-Sq5xJUyvbUaGLV7JPW0UudpTytKXX4QZnn5iCQLfkUD60_g3jcAiINyZDFBLNlb9hvcr1HAgmZnIRA3RKpFLSGd9OywpVwcZNHYOWlzJRExvLHvRSy4Bc99qH2j-Y95SOhhRviUrL1xtdEeYXdHxgVGz3-ASJKCVgDo6q0sO5_tbFfNLWz1w8ALQHgAGF0qglNa5rFv4LZawLP6Wg2KQk7252zxnhxCtM6wxa_KggewOqwcnE0kQvDHIubZ_pC0NBG4YgHk80BmO3XXWGZiYeKWTOu466egxHOiex7DbNVEwNIk8dl1upF7TKeYjoV1itVWYVdpe_9Xkqtp0d2BTpXXXp8Lsbmm_eGAM2oX1ekrpIEb2hibNH_2JuU48CYZjJcbql9OW-lj6Rji7QyUcNgtY5oCXxr-bAfxLtEcb0q-_COlpcBHH_TEIUCuF-tomNFgvwAE6wQIalPmaLh-jmuGixAChh4NIxIR7Mi4oIgVgXyZWwIAFKjkT6rVngxpQChdlwbpDYcy6GS9DhF3NepGlB8sizwLBwKjh-8AmHKHGC2XniXZNc4e_dSbO3-kVB8Rs0syiiSLKLxIU8BL7lh3ugKdvd788i3EL6UffcIEIjaK2MpRQaJOoy73X_rNTV_J9xThhqF4svnMs9_VsdBC78oGN8gVpiCLdjEqzHVKEiyTnpEThRHQZf6N7wiW9mfuJVub55K3hQ0-hJWV7tCy_-Ata6AVRBzg7AawUX3K0Wc1j0iy4udsOUGdE8unxZV4n3ju9n1yataHHsYJ14Grnrny0AErEyrKVW99-cMRrIuil1Pw9BUr87E97rJqhbwqJdi_pgfpQLAvQvsNo1tjjRaqveE0bgA3YeMbc4SHiIyrlupLZ_WAr2rHJS5DUMfxW2gutn7PVGDQbJ-KeU0gz4JcNccOYiDtZOr4VPLeclh9xJQQnZ1HYI6A1lko89cl7D67sQuZrfpSqm-5nPFe0cj4ElQDkYaMKx9WR3hBPFFXFhAOkRwnMEql_KerU-rrihUPp3z0he-KPxH7JsNEg3VHctvpqTK1zG-V6tVEe4v5HEOsc9unDAQnoInAZoqIPU4KhEqy3W3ySqek9--iPXQskrp_KwdYk_XOVsFLNkhhc2GQqXMbJ9djELFO3XTxuQpGP10vLWpshJ-4asfZXvJeniYC2v4-xb4yuLNPwVwLEEtWx3BNb_ywQ&sai=AMfl-YTKyzyJsBuJwgPM-JEpZG8E_93rckMmWs8iWOwDNqUJpnKf0ZJQWjHWmFsyoSVh0-H78wQFDOoK-Od68jBMwI1cT0fs6_eYRT9SKV3k5Q2okTUfIdAmHg7OBlPjkNIIoBniMnAqT7cNq71jsJdo_Ps11OkidtRQrr7RTSjTI5r90yeGudm1Urr6Oradp4MEu_mPEI-hx47L95o2_5vI9w&sig=Cg0ArKJSzNHtm3wn-ecvEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=82&cbvp=1&cstd=77&cisv=r20220628.09777&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 30 Jun 2022 09:19:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7265 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:09:55 GMT
expires: Fri, 30 Jun 2023 09:09:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5657
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGo0FNB7Ax7msB_Qf86cinE&google_cver=1&google_push=ARnp8GATyDsSL8HN3V-1wvBoy5Px_QcSqdGmJp2EIJ43oDiIgwqyWMTB1W...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GATyDsSL8HN3V-1wvBoy5Px_QcSqdGmJp2EIJ43oDiIgwqyWMTB1WwDRpMl7ZA0ZwWNFgn3InNLYyzZNEaeVS3wn2j0r1g&google_hm=2KjCEN1wRwpZx...

170 B
188 B

41ms
41ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GATyDsSL8HN3V-1wvBoy5Px_QcSqdGmJp2EIJ43oDiIgwqyWMTB1WwDRpMl7ZA0ZwWNFgn3InNLYyzZNEaeVS3wn2j0r1g&google_hm=2KjCEN1wRwpZx6ySqwPjZw

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GATyDsSL8HN3V-1wvBoy5Px_QcSqdGmJp2EIJ43oDiIgwqyWMTB1WwDRpMl7ZA0ZwWNFgn3InNLYyzZNEaeVS3wn2j0r1g&google_hm=2KjCEN1wRwpZx6ySqwPjZw
pragma: no-cache
date: Thu, 30 Jun 2022 09:19:34 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5657 0
12 B 38ms
38ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K9XftaEeqRajNyLOYfQ5dqp1jBtdNd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 67EE 118 KB
40 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18323139811780221838/index.html?e=69&leftOffset=0&topOffset=0&c=GxSKnmnSrd&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18323139811780221838/index.html?e=69&leftOffset=0&topOffset=0&c=GxSKnmnSrd&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 12:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76759
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Jun 2022 12:00:15 GMT

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame 7265 36 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 09:10:06 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 8D86
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1034476/63675810/4.js?ias_dspID=3&ias_campId=29059254&ias_pubId=pub-3571272074788370&ias_chanId=1&ias_placementId=17482479250&bidurl=https://orientaldaily.on.c...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

13ms
9ms

Script
application/javascript

2600:9000:223f:3c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3565501396&adf=356650500&pi=t.ma~as.6393984442&w=300&lmt=1656580773&psa=1&format=300x250&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580773656&bpp=2&bdt=7223&idt=2&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a6045127e940fb5%3AT%3D1656580769%3AS%3DALNI_MaKWkbLjd2cIdIMRVa0hUrCpoR9Gg&prev_fmts=0x0%2C728x90&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&psts=AGkb-H-E8KtuX9tnYDO0dEIVXKYMs8MpeiKpZ9Cg816LMBGbJHt5MLIotrhsddlLZYLOGbUUue4aiNoZwrwXkPMq&pvsid=203634787387024&tmod=1126593315&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=OZul6jj5kC&p=https%3A//orientaldaily.on.cc&dtd=12
Protocol: H2
Server: 2600:9000:223f:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 22:10:32 GMT
content-encoding: gzip
age: 126543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 28 Jun 2022 22:10:30 GMT
server: AmazonS3
etag: W/"96e16e7453ae2e6952bc6d2a20ea29f7"
vary: Accept-Encoding
x-amz-version-id: v_I9zSEZlgGfvJRy1EW2EMh2.n1jYzhH
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: 3WLbZWRXjDIkns4_GzrfjMriHxsUExaDrdtcMrIztajwXxaU7eTt-Q==

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:34 GMT
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 130A 80 KB
21 KB 51ms
8ms Script
application/javascript 2600:9000:223f:3c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3565501396&adf=356650500&pi=t.ma~as.6393984442&w=300&lmt=1656580773&psa=1&format=300x250&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580773656&bpp=2&bdt=7223&idt=2&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a6045127e940fb5%3AT%3D1656580769%3AS%3DALNI_MaKWkbLjd2cIdIMRVa0hUrCpoR9Gg&prev_fmts=0x0%2C728x90&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&psts=AGkb-H-E8KtuX9tnYDO0dEIVXKYMs8MpeiKpZ9Cg816LMBGbJHt5MLIotrhsddlLZYLOGbUUue4aiNoZwrwXkPMq&pvsid=203634787387024&tmod=1126593315&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=OZul6jj5kC&p=https%3A//orientaldaily.on.cc&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
content-encoding: gzip
age: 11647291
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: lJfPUWMz1ON_bRq56N_MnFkuGaQABoo81suwWfFp9JsGd5tpa4f1Ig==

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 8D86 43 B
301 B 249ms
80ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1034476&asId=fe005022-b5be-5472-512a-260e2031f01a&tv=%7Bc:h0LtUb,pingTime:-3,time:48,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:48,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:taeo6Fx+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C161%7C162%7C163%7C164%7C17%7C18*.1034476-63675810%7C181%7C182%7C183%7C184,idMap:18*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3565501396&adf=356650500&pi=t.ma~as.6393984442&w=300&lmt=1656580773&psa=1&format=300x250&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580773656&bpp=2&bdt=7223&idt=2&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a6045127e940fb5%3AT%3D1656580769%3AS%3DALNI_MaKWkbLjd2cIdIMRVa0hUrCpoR9Gg&prev_fmts=0x0%2C728x90&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&psts=AGkb-H-E8KtuX9tnYDO0dEIVXKYMs8MpeiKpZ9Cg816LMBGbJHt5MLIotrhsddlLZYLOGbUUue4aiNoZwrwXkPMq&pvsid=203634787387024&tmod=1126593315&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=OZul6jj5kC&p=https%3A//orientaldaily.on.cc&dtd=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 09:19:34 GMT
X-Server-Name: dt49.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 8D86 43 B
301 B 248ms
81ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1034476&asId=fe005022-b5be-5472-512a-260e2031f01a&tv=%7Bc:h0LtUc,pingTime:-6,time:49,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:50,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:taeo6Fx+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C161%7C162%7C163%7C164%7C17%7C18*.1034476-63675810%7C181%7C182%7C183%7C184,idMap:18*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:orientaldaily.on.cc*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3565501396&adf=356650500&pi=t.ma~as.6393984442&w=300&lmt=1656580773&psa=1&format=300x250&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580773656&bpp=2&bdt=7223&idt=2&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a6045127e940fb5%3AT%3D1656580769%3AS%3DALNI_MaKWkbLjd2cIdIMRVa0hUrCpoR9Gg&prev_fmts=0x0%2C728x90&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&psts=AGkb-H-E8KtuX9tnYDO0dEIVXKYMs8MpeiKpZ9Cg816LMBGbJHt5MLIotrhsddlLZYLOGbUUue4aiNoZwrwXkPMq&pvsid=203634787387024&tmod=1126593315&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=OZul6jj5kC&p=https%3A//orientaldaily.on.cc&dtd=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 09:19:34 GMT
X-Server-Name: dt58.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 8D86 43 B
301 B 243ms
80ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1034476&asId=fe005022-b5be-5472-512a-260e2031f01a&tv=%7Bc:h0LtUn,pingTime:-2,time:60,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:802,beZ:802,mfA:804,cmA:805,inA:805,inZ:808,prA:808,prZ:813,si:817,poA:818,poZ:838,cmZ:838,mfZ:838,loA:851,loZ:853,ltA:861,ltZ:861%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:60,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B55~0%5D,as:%5B55~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:taeo6Fx+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C161%7C162%7C163%7C164%7C17%7C18*.1034476-63675810%7C181%7C182%7C183%7C184,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:43,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3565501396&adf=356650500&pi=t.ma~as.6393984442&w=300&lmt=1656580773&psa=1&format=300x250&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580773656&bpp=2&bdt=7223&idt=2&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a6045127e940fb5%3AT%3D1656580769%3AS%3DALNI_MaKWkbLjd2cIdIMRVa0hUrCpoR9Gg&prev_fmts=0x0%2C728x90&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&psts=AGkb-H-E8KtuX9tnYDO0dEIVXKYMs8MpeiKpZ9Cg816LMBGbJHt5MLIotrhsddlLZYLOGbUUue4aiNoZwrwXkPMq&pvsid=203634787387024&tmod=1126593315&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=OZul6jj5kC&p=https%3A//orientaldaily.on.cc&dtd=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 09:19:34 GMT
X-Server-Name: dt53.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 LandRoverWeb-Bold.woff
s0.2mdn.net/creatives/assets/4524566/ Frame 67EE 19 KB
19 KB 40ms
40ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4524566/LandRoverWeb-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18323139811780221838/index.html?e=69&leftOffset=0&topOffset=0&c=GxSKnmnSrd&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5459851818636571b7286afd1a08ccd3991e479808e70ee8dc7b2ffca2201e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18323139811780221838/index.html?e=69&leftOffset=0&topOffset=0&c=GxSKnmnSrd&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:15:30 GMT
x-content-type-options: nosniff
age: 244
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18968
x-xss-protection: 0
last-modified: Thu, 05 May 2022 09:00:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Jun 2022 09:30:30 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 67EE 62 KB
23 KB 39ms
38ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ed589f2773c7f62a29c7691a961a85c95ac374c666dec2d6eb6a1abd0350a65e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 864
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23708
x-xss-protection: 0
server: cafe
etag: 12776144751522492165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 10:05:10 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 67EE 7 KB
5 KB 51ms
50ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0b3331d76baa17e23051e7d2f5dac01e76bcaf64ff5a031861b0021607274b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5579
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 67EE 17 KB
6 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 09:19:34 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8D86 0
26 B 69ms
69ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsusZu7fPAdASIMIgcKnf_shGOEyiuNHPT8AO6xFMJg-Sq5xJUyvbUaGLV7JPW0UudpTytKXX4QZnn5iCQLfkUD60_g3jcAiINyZDFBLNlb9hvcr1HAgmZnIRA3RKpFLSGd9OywpVwcZNHYOWlzJRExvLHvRSy4Bc99qH2j-Y95SOhhRviUrL1xtdEeYXdHxgVGz3-ASJKCVgDo6q0sO5_tbFfNLWz1w8ALQHgAGF0qglNa5rFv4LZawLP6Wg2KQk7252zxnhxCtM6wxa_KggewOqwcnE0kQvDHIubZ_pC0NBG4YgHk80BmO3XXWGZiYeKWTOu466egxHOiex7DbNVEwNIk8dl1upF7TKeYjoV1itVWYVdpe_9Xkqtp0d2BTpXXXp8Lsbmm_eGAM2oX1ekrpIEb2hibNH_2JuU48CYZjJcbql9OW-lj6Rji7QyUcNgtY5oCXxr-bAfxLtEcb0q-_COlpcBHH_TEIUCuF-tomNFgvwAE6wQIalPmaLh-jmuGixAChh4NIxIR7Mi4oIgVgXyZWwIAFKjkT6rVngxpQChdlwbpDYcy6GS9DhF3NepGlB8sizwLBwKjh-8AmHKHGC2XniXZNc4e_dSbO3-kVB8Rs0syiiSLKLxIU8BL7lh3ugKdvd788i3EL6UffcIEIjaK2MpRQaJOoy73X_rNTV_J9xThhqF4svnMs9_VsdBC78oGN8gVpiCLdjEqzHVKEiyTnpEThRHQZf6N7wiW9mfuJVub55K3hQ0-hJWV7tCy_-Ata6AVRBzg7AawUX3K0Wc1j0iy4udsOUGdE8unxZV4n3ju9n1yataHHsYJ14Grnrny0AErEyrKVW99-cMRrIuil1Pw9BUr87E97rJqhbwqJdi_pgfpQLAvQvsNo1tjjRaqveE0bgA3YeMbc4SHiIyrlupLZ_WAr2rHJS5DUMfxW2gutn7PVGDQbJ-KeU0gz4JcNccOYiDtZOr4VPLeclh9xJQQnZ1HYI6A1lko89cl7D67sQuZrfpSqm-5nPFe0cj4ElQDkYaMKx9WR3hBPFFXFhAOkRwnMEql_KerU-rrihUPp3z0he-KPxH7JsNEg3VHctvpqTK1zG-V6tVEe4v5HEOsc9unDAQnoInAZoqIPU4KhEqy3W3ySqek9--iPXQskrp_KwdYk_XOVsFLNkhhc2GQqXMbJ9djELFO3XTxuQpGP10vLWpshJ-4asfZXvJeniYC2v4-xb4yuLNPwVwLEEtWx3BNb_ywQ&sai=AMfl-YTKyzyJsBuJwgPM-JEpZG8E_93rckMmWs8iWOwDNqUJpnKf0ZJQWjHWmFsyoSVh0-H78wQFDOoK-Od68jBMwI1cT0fs6_eYRT9SKV3k5Q2okTUfIdAmHg7OBlPjkNIIoBniMnAqT7cNq71jsJdo_Ps11OkidtRQrr7RTSjTI5r90yeGudm1Urr6Oradp4MEu_mPEI-hx47L95o2_5vI9w&sig=Cg0ArKJSzNHtm3wn-ecvEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=336&vt=11&dtpt=254&dett=3&cstd=77&cisv=r20220628.09777&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7265 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjX_bpmq9YoyEDezX7_UPw4ijkAcAAAAAOAHgBAI&bg=!ZmWlZSHNAAaLlKKnq5Q7ACkAdvg8WuZaKDzHFzcx9oMTYiU9FseA28nh0NJvS3fb8VOxIiM-CfppFAIAAABoUgAAAAFoAQeZAwOFw77YscQxN-cH4Me_spPC4Ow0XoY4ptkbZp2o6bHH0s7lX5Rbmpb5kc-PSr4gLFzTbviOwnzwToJDX-XeS3nE5w3YfnOJ8DbhnJRaMGkfkkq-8GbDHnCiXsMmCyuqtmnv2MHIX64VfRDNyPPZ6mDCEU78F6jYasdx9KypIDHAd1oP_cr8x7NdspLdaj9PkQN2UhEJi4Ts-j8NabuG1LomXNzvFvEGmpLt3NIo7h6hmeDsZiH70JziIpKAtoAP4mJ_6uSfTmzVhj8kH8fliLDcBAk7sfEl--ueOtBV5HhfUyc18CeafKIvCzB70IURk4HNP851By1cO0_zAzJtwGICi8r7sHrfO1PM4JbcCOYKE7az5K2YNSoNxfB7d3xkqMmC9oSx6yv_jnAhaiCySuP6Nss5JwbVmy6_nAINuGs0tfuSfFB0BbEcCbJfBsyF73pHUTOst35egFc-RXRaO9TI2qmHkJPsIQzg3mPJIbQ7FJGdE1-5ybR52n5-hdMI8cOHTWO6lO7u6JDlxG2b7yqJ8QG-E9w4qp4aiNAvLBGWLbOB2H9dilUxo7wd8k4wvPaaJs-jCms4mF2XsTQGSxiL4fOqd63bdreIrZPxYehvbIbukttdFzPS747prdGP9G-AErAvxesLn6X5-g5zsWKAmDPM3cLonH32KnD6VX_69JjFBXKzos58Z_xNFxzPY5iiNOlUzD_-XGgP0eiMsaM-w17_XX2lgPJW4sKqpgbHzNQmMpYgES4eRMGQ2SG_WAgao1deMs1omTDzMZjAZYhfJC1nfk-U1uTkrd2-6AHuKHLoYBiWQrN35ZVhZ464cfUAas53GAWq01X0w6DboHHHD-VNBs_ssEN8AxUT1xiFAJHk406ncrBgXkn24tK3hS1crTjxt-r7ZM3FI5L3YnNWB0iz0DDXcbvkomp9veOeoizzWKL8EpwA-UpRdREz3rvinVezEwFX1J0WTcZPYKjImcGdqhV-LAJIYsNA0zD1rs9QfLpNMdp7FNENGaUQnofdNyo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 8D86 43 B
301 B 170ms
80ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1034476&asId=fe005022-b5be-5472-512a-260e2031f01a&tv=%7Bc:h0LtWM,time:209,type:e,im:%7Bpci:%7Btdr:165%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:209,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B204~0%5D,as:%5B204~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:taeo6Fx+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C161%7C162%7C163%7C164%7C17%7C18*.1034476-63675810%7C181%7C182%7C183%7C184,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3565501396&adf=356650500&pi=t.ma~as.6393984442&w=300&lmt=1656580773&psa=1&format=300x250&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656580773656&bpp=2&bdt=7223&idt=2&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a6045127e940fb5%3AT%3D1656580769%3AS%3DALNI_MaKWkbLjd2cIdIMRVa0hUrCpoR9Gg&prev_fmts=0x0%2C728x90&nras=1&correlator=602963358455&rume=1&frm=20&pv=1&ga_vid=248626736.1656580771&ga_sid=1656580771&ga_hid=15067015&ga_fc=1&ga_cid=965798538.1656580769&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31067983%2C44768099%2C42531605%2C31061691%2C31061693&oid=2&psts=AGkb-H-E8KtuX9tnYDO0dEIVXKYMs8MpeiKpZ9Cg816LMBGbJHt5MLIotrhsddlLZYLOGbUUue4aiNoZwrwXkPMq&pvsid=203634787387024&tmod=1126593315&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=OZul6jj5kC&p=https%3A//orientaldaily.on.cc&dtd=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 09:19:34 GMT
X-Server-Name: dt49.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame 8757 36 KB
13 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 09:10:06 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 54ms
53ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022062701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bdc359e1ab84ed9f2a2b77d07208a10d992dcd072bbedb3746d0f4b983fb58b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10560
x-xss-protection: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 8D86 43 B
301 B 81ms
81ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1034476&asId=fe005022-b5be-5472-512a-260e2031f01a&tv=%7Bc:h0Lu0g,pingTime:-10,time:425,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuNTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1656580774896%7C%7C9eb9f173a9c9a0afda791f4ceeaf0d5e%7C%7C8203953bb098b7ae8a102827ac834317%7C%7Ce4f78434af3a86ea8cbe71054eb380d6%7C%7C378309702b4c40e38ce9a8186a7f6fa9%7C%7Ce7bb8d754570c82ae887ca0c7877b155%7C%7Cf66d38260ef3b210fd2cce9a751ad5dc%7C%7C458025bbf1e21d725f30795449e3eaa6%7C%7C1629390669%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 09:19:34 GMT
X-Server-Name: dt49.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 8D86 62 KB
23 KB 39ms
38ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ed589f2773c7f62a29c7691a961a85c95ac374c666dec2d6eb6a1abd0350a65e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 864
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23708
x-xss-protection: 0
server: cafe
etag: 12776144751522492165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 10:05:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=orientaldaily.on.cc&doc=complete&pg_h=3005&pg_w=1600&pg_hs=3005&c=5&aa_c=0&av_h=289&av_w=412&av_a=83200&s=201.688&all_s=201.688&b=1226.750&all_b=1226.750&d=0.481&all_d=0.481&ard=0.087&all_ard=0.087&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_w.png
s0.2mdn.net/sadbundle/18323139811780221838/ Frame 67EE 4 KB
4 KB 39ms
38ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18323139811780221838/logo_w.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a56f1a7b79de5f9e93d27a5c93b999ff979aad3d42e556a9a0e657d0803cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18323139811780221838/index.html?e=69&leftOffset=0&topOffset=0&c=GxSKnmnSrd&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 14:57:09 GMT
x-content-type-options: nosniff
age: 498145
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4075
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 13:05:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Jun 2023 14:57:09 GMT

GET
H3 200 logo_b.png
s0.2mdn.net/sadbundle/18323139811780221838/ Frame 67EE 4 KB
4 KB 40ms
39ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18323139811780221838/logo_b.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce31e17d11533dc96dc7f9bbd4c16adaed1dd4b16b41688e5468055eb073d949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18323139811780221838/index.html?e=69&leftOffset=0&topOffset=0&c=GxSKnmnSrd&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 14:57:09 GMT
x-content-type-options: nosniff
age: 498145
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4028
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 13:05:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Jun 2023 14:57:09 GMT

GET
H3 200 60026183_20220524080733841_L560_21MY_005_GLHD_300x250.jpg
s0.2mdn.net/ads/richmedia/studio/60026183/ Frame 67EE 37 KB
37 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60026183/60026183_20220524080733841_L560_21MY_005_GLHD_300x250.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

015dbde4dc0e90831887cc21c8f69acc49583cc903d5b1af1f26f4eac6aaab54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18323139811780221838/index.html?e=69&leftOffset=0&topOffset=0&c=GxSKnmnSrd&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:04:19 GMT
x-content-type-options: nosniff
age: 22515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38093
x-xss-protection: 0
last-modified: Tue, 24 May 2022 15:07:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Jul 2022 03:04:19 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 09:19:34 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 8D86 0
17 B 65ms
64ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l50tf6lp&chm=1&ctx=2&gqid=pWq9YvftKdGs9u8P3ueOwAM&qqid=CImLvKTs1PgCFWVLkQUduhgJyA&met.4=fb.ee~lb.jg~cmrload.kj~ol.xn~bdt.-5l0~bpp.-b~idt.-b~dtd.-1~dt.-d&met.3=736.jh~735.jl_1~374.kj~113.zs_1~112.zs_1&met.1=1.l50tf5lx~6.1~7.1~8.1~9.1~10.1~12.2~13.dz~14.e0~15.e1~16.jk~17.jk~18.jl~19.xm~20.xm~21.xn~22.jo~23.jo&met.7=CAUQCBgBMPcDOLsJaAFw9gN4rUuAAYFJiAH0jgGwAQG4AQM~CBwQBhgBIIAEKIAEMMcEOEZogQRwxgR41gKAASqIASqwAQG4AQM~CB4QChgBIIEEKIEEMKYEOCZogQRwpgR4-wyAAc8KiAGxFbABAbgBAw~CCoQChgBIIEEKIEEMMQEOEM~CBwQChgBIIEEKIEEMKsEOCpohwRwqwR4uTuAAY05iAHlhwGwAQG4AQM~CBsQBhgBIIEEKIEEMLMEODI~CCgQBRgBIIgEKIgEMLwEODVoiQRwvAR40wSAAacCiAGABbABAbgBAw~CCgQChgBIIkEKIkEMPgEOG9oigRw6AR4rKMCgAGAoQKIAe7fBbABAbgBAw~CBsQCiD7BDijAQ~CCkQChgBIP0EKP0EMMIFOEVo_gRwpAV4w9kDgAGX1wOIAbzMCrABAbgBAw~CBwQChgBIP8EKP8EMKMFOCVo_wRwowV4gxuAAdcYiAGeP7ABAbgBAw~CAkQChgBIIMFKIMFMKgFOCVogwVwpwV43VSAAbFSiAGT2AGwAQG4AQM~CCcQChgBIKwFKKwFMNQFOChorAVw0gV4k3mAAed2iAGKxQKwAQG4AQM~CBwQBRgBIK0FKK0FMNUFOCdosAVw1AV4gAiAAdQFiAGWCbABAbgBAw~CB8QBRgBINEFKNEFMIcGODZo0wVwggZ4wssBgAGWyQGIAfywBrABAbgBAw~CCIQARgBINUFKNUFMKMGOE9o1QVwowZ4rAKwAQG4AQM~CCcQBRgBIOIFKOIFMJAGOC5o4wVwigZ490OAActBiAHqsgGwAQG4AQM~CBsQCiCyBjhJ~CBsQBiDTBjj7AQ~CBsQBiDVBjj5AQ~CBsQBiDeBjj0AQ~CCIQARgBINIHKNIHMJgIOEdo0wdwmAh4rAKwAQG4AQM~CBsQBiDzBzisAQ~CCgQChgBINkJKNkJMIYKOC1o2glwgAp4yLsBgAGcuQGIAfDsA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:34 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C4BE 13 KB
5 KB 37ms
36ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 374
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:13:21 GMT
expires: Fri, 30 Jun 2023 09:13:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 28B5 783 B
535 B 48ms
48ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

289604da149d4c926597504d95b26478070b8aab51605ebd207b033457e8e4e3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dbSgXS2OvDKwD_7tA0QgPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-dbSgXS2OvDKwD_7tA0QgPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:19:35 GMT
expires: Thu, 30 Jun 2022 09:19:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame C4BE 36 KB
13 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 09:10:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 28B5 0
0 85ms
84ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022062701&jk=203634787387024&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C4BE 0
9 B 38ms
37ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_TVYEg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:19:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8D86 42 B
64 B 79ms
79ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstco818Tg67n0PGZ3vBhdThlX_-pkFxcl0uV4muGOU8teDVgslidnSVOOwQXWNsHq_NGbglCuxIEXhiyFm_p6vWG8qos4o8WTUvqGyesY8Rea7mlavSLZPoDdgCwK3p4Xu_Ihv45Q&sai=AMfl-YQGliGTeymwCQySE8VP41VSRXeoMwKUQtCwsVk4nVhUEmFv898tKN8nDb3LNeETCBKRaCaYTS6njUhAF3LusRbfX_-E19HIRPMPC7MW9DfyqYITHCJbSIX5Q04&sig=Cg0ArKJSzKcWvxHAIBS1EAE&cid=CAASJORoq-kvHtbipGYyLFZgXhfq6AAPhX6e9znduIUpEekHV38A-w&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3565501396&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656580773669&rpt=696&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 105ms
104ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022062701&jk=203634787387024&bg=!AgGlAUXNAAaLlKKnq5Q7ACkAdvg8WjqxV6IiDp8P8v33KS1dWNNF7Awjr6VxFG63lSEqwT6QVs1jfwIAAABfUgAAAAJoAQeZAtiYFNRzR1bDtzSSpM4BbjulzreqSeOGjuOVnwitLnveiEljijXQONbSB66EUGiP_Kgznpd6BqleveLNoJUlGNW2lDAg1zYeIzXJh2-9Bc1FdAlwXi9REV_S-ypwFzMQM5LypMbYa7J2fN37a73c4ZKA6ghfwYXxwAISPeYaWlmyV-OxT5hDdSGkNuBnwPdtMigGHaKNLD0Yg9fsEoP56rZnd44d7o2n-pL9IouG1CKWjdMLGXr2P--Dxq314s9EFZFLBexwZKUmMiWaUmpmvJM60NM0xsLglyMt0Xqi8Fn01f2yuumeyMNnUauElQC9kbqs5u5jOgM8TQCH3NeW7ofep2DrpgAWD5HvkBDCfv-B9vyQa3rJNEWm-ligW_pnB1FJCwENV2txEkfx10yXdjaKVUpbCLvDjwNw4_b8a5hM3V6gFmznuvPfZltiWeEEiPcvhH4ED49yBJEPcGUOxHzCCYAvjS0xAMqpCvOK425d6jeJGK8_pZC3O2WdSWvjHyQy17KyO9iHuhA1iM-JDpGzOBI5HmFRXsm_AKbC1hU8rNB6405N065EZVb8zqmDux1DlWSlvF6gM6WD2rWfDvcDjTwGLyMeafyVdW3q6IVgYLMgcwcxGz48xrFBVr7MN9_y6nMpOTkBj861hjAlfAp70gWEQfhvvS4Pf5bKEJqnPK5XNdgbNtSyn0Fy53YsN9CSoDs6W7DfLEdKO3DExMX3yZza6542Sj40WR3wh3qo7cj2JMaUS81tcc9kVJ7IA20c7blpFJwiu5aCzm9e4WgJZwNG3IVIlFnp5WemdLBc3NI0q88RiFrCccp-TMCjAc5ibjBNsJ7Qq1W3dZh5WPfs_vV_ifZ6h3WGk7pBZbEH0r4SPBWslObz8gLQa6EKbwprjlwLtm_3hxjm828Rc0zCDZAfUU2Imj_tlz77vWg3qtJg4v6wqNi2oDYOopaHoiOuP1YEqI6zqQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame 67EE 0
17 B 64ms
64ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l50tf6cy&ctx=3&gqid=pWq9YvftKdGs9u8P3ueOwAM&qqid=CImLvKTs1PgCFWVLkQUduhgJyA&met.9=11.l50tf6af~12.l50tf6ly&met.3=112.70~113.77
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:35 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 69ms
68ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=2~l50tf3eo&c=203634787387024&e=31067917%2C31068250%2C42531605%2C31061691%2C31061693&ctx=1&met.7=CC8QBxgBIPEoKPEoMKQpODNo8Shwoyl4kAOAAWSIAWuwAQG4AQPAAe21srAK~CBsQCiCcKTgcwAHRmKGXCQ~CA8QDRgBIMYiKMYiMMApOPsGaMYicL8peKcEgAH7AYgByQOwAQG4AQPAAb_emusG~CBsQBiC7KTgKwAHV2LT9Dw~CBsQDSCbKTguwAG40Y_DAQ~CBsQBiCaKThCwAHdxfvbDg~CBsQBiCaKThLwAHdxfvbDg~CAMQChgBIJEoKJEoMOspONoBUJEoWNsoYJIoaNsocJ8peIa_B4AB2rwHiAH0mhWwAQG4AQPAAf-fpeYH~CBsQCiCcKThtwAHZ67DzCg~CBsQChgBIP4pKP4pMK4qODBo_ylwrSp48QOAAcUBiAHRAbABAbgBA8AB5Krg8AI~CC8QBxgBIIQqKIQqMLUqODFohCpwtCp4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CC8QBxgBIIMqKIMqMLYqODJohCpwtSp4kAOAAWSIAWuwAQG4AQPAAe21srAK~CBsQARgBIKUpKKUpMMEqOJwBwAGkoPylBw~CBwQBhgBIIQqKIQqMMoqOEZohCpwySp4rAKwAQG4AQPAAZSE4rUO~CBsQBiDvKDiCAsAB_IDvGQ~CBsQCiCeKTjgAcAB8M25qgQ~CBsQDSCfKjhjwAGAkfKHCA~CBsQBiDpKjgfwAGl9oe5Cw~CBsQCiCEKzgewAGQiq-4BA~CBsQCiCFKzghwAH20ZyGCA~CCgQDRgBIIIrKIIrMLwrODrAAeKygLkD~CBsQCiCFKzgwwAGkycObBg~CBsQCiCFKzgqwAGdwJ-vDQ~CBsQCiCFKzgrwAGU_YKKDw~CBsQCiCkKzgjwAG23au2Cw~CBsQCiCkKzgfwAGZv4iwCg~CBsQCiCEKzg-wAHE7efFBw~CBsQCiCkKzgowAG8v772CA~CBsQCiClKzgowAG2wtCvDQ~CAUQBRgBIIsqKIsqMNYrOMoBQI0qSI0qUI0qWNsqYI0qaNwqcNUreKwCsAEBuAEDwAGQx7LwCA~CBsQCiDTKzgbwAHJvKk7~CBsQBiDUKzgbwAHA4eN6~CBsQByDUKzghwAG8kNTuBA~CBsQCiDTKzghwAGnzP-GBQ~CBsQByD3KzgiwAHB8N6RCQ~CA8QDRgBIN4kKN4kMNosOP0HaN4kcNkseKAEgAH0AYgBwwOwAQG4AQPAAb_emusG~CBsQCiCFKzjfAcABle3IswE~CBsQAiDtLDgewAHdhs-JCA~CBsQAiDtLDgkwAGBndHsAQ~CBsQBSDoLDgkwAGrvuLcBQ~CBsQDSD_LDglwAHMjKP7Ag~CBsQBiCALTgmwAGNuszMDA~CBsQDSCALTgpwAHjx73eBA~CBsQCiCDLTgiwAGLqedC~CBsQCiCDLTgjwAGYlojnCg~CBsQBiCALTgswAGz6MHsAg~CBsQBiCALTguwAGy6vr2BA~CBsQBiCALTgrwAHf9fHDDw~CBsQDSDrLDhQwAGdy8X8BQ~CBsQAiCtLTg7wAH_gKrVCw~CBsQBiC3LTgnwAHJvu_4Bg~CBsQBiC3LTgkwAHJ9rjCDA~CBsQBiC3LTgmwAGvlsrKCw~CBsQBiC4LTgrwAHQxtfPBg~CBsQBiC4LTgowAHCxt-kDg~CBsQBiC4LTg7wAH2wrbXAg~CBsQBiC4LTglwAH7h7qsCA~CBsQBiC4LTgywAGfhZKYDw~CBsQAiDLLTghwAGE7IOTAQ~CBsQBiD4LTg9wAGit67ZBA~CBsQBiD4LThrwAHJsd-9Cg~CBsQBiD4LThswAH3-9HSDQ~CC8QBxgBIM4uKM4uMP8uODBozy5w_i54kAOAAWSIAWuwAQG4AQPAAe21srAK~CC8QBxgBIM8uKM8uMIAvODFo0C5w_y54kAOAAWSIAWuwAQG4AQPAAZv_iccH~CBsQBiCALTiCAsABvI2bkgE~CBsQBiCBLTiQAsAB5M7q6gs~CBsQAiCsLTjwAcABtpKenA4~CA8QDRgBINUmKNUmMKEvOMwIaNYmcKAveLFTgAGFUYgBlZsBsAEBuAEDwAG_3prrBg~CBsQAiD-KDihBsABxveUkQk~CBsQBiC4LTj6AcAB1syi4gs~CBsQBiCfLzgmwAGit67ZBA~CBsQBiD3LTjnAcAB3YjuMA~CBsQBiD4LTjmAcAB5aH8vgk~CBsQBiD3LTjtAcAB_JCBkg4~CBsQBiD3LTjsAcABopCVoQM~CBsQBiD3LTj2AcABh9mv3w0~CBsQBiD4LTj2AcABoYjqlQY~CBsQBiD3LTiEAsABqbCxNQ~CBsQCiDIIjjrDcABlbXG6gc~CBsQBRgBIK0vKK0vMMMwOJYBQMkvSMovUMovWJowYMovaJswcMMweNAagAGkGIgBzi-wAQG4AQPAAf7mp-YM~CA8QDRgBIPgoKPgoML4xOMYIaPgocL0xeLgEgAGMAogBgQewAQG4AQPAAb_emusG~CAUQBRgBINYuKNYuMPUxOKADaNgucO8xeI1WgAHhU4gBh6IBsAEBuAEDwAGQx7LwCA~CBsQCiC4MDiDBMABlID1hQY~CBsQBiDEMDiNCMABteTIzwk~CBsQBiDEMDicCMABteTIzwk~CBsQBiDEMDicCMABteTIzwk~CBsQCiDAMDiHCsABqvz-hgE~CBsQCiDEMDjgC8AB-5_nnAE~CBsQAiDwOjj3AcABw8_1mAk~CBsQBiD2Ojj3AcABteTIzwk~CBsQBiD1OjiCAsABteTIzwk~CBsQBiD1OjiDAsABrq3YxAg~CBsQBiD2OjiDAsABteTIzwk~CBsQCiDbOjiiA8ABsPXizgg~CBsQCiCbPDjCAsAB5anOzwo~CAEQChgBIOE-KOE-MLI_OFBo4j5wqT94hbsDgAHZuAOIAamWCrABAbgBA8AB3o6_mwE~CC8QBxgBIMM_KMM_MPY_ODNoxD9w9j94kAOAAWSIAWuwAQG4AQPAAe21srAK~CC8QBxgBIMQ_KMQ_MPU_ODFoxD9w9T94kAOAAWSIAWuwAQG4AQPAAZv_iccH~CBsQBiD2OjjcBcABvZyM0gI~CBsQBiD2OjjcBcABvZyM0gI~CBsQBiD2OjjcBcABrJSClQc~CBsQBiDCPziEAsAB_IDvGQ~CBsQBiD2OjibCMABq6y-qwo~CAUQBRgBIMo_KMo_MMFDOPcDaMs_cMBDeK1LgAGBSYgB9I4BsAEBuAEDwAGQx7LwCA~CBsQCDiGScABvJvM-wI~CCcQDRgBIIVJKIVJMLxJODdohklwu0l47FSAAcBSiAHRbLABAbgBA8AB8_LLrgs~CCcQChgBIL1JKL1JMPFJODXAAeLBm9oF~CBwQBhgBIKZJKKZJMPRJOE1op0lw80l4rAKwAQG4AQPAAZSE4rUO~CCcQBRgBIPVJKPVJMJxKOCfAAZmVn6AL~CBsQBRgBIPZJKPZJMKlKODLAAc_G2uIB~CBwQBhgBILhPKLhPMKFQOGrAAaHZ1rIJ&met.9=4_7.43k~5_7.43l~4_11.4ey~5_11.4f0~4_16.4o3~5_16.4oa~4_22.4vz~5_22.4w0~5_23.4w0~6_16.6b3&met.3=646.43k~800.43l~800.43l~800.43l~800.43l~800.43l~801.43l~825.43l~801.43l~355.43l~825.43l~708.43l~647.43m~965.43m~326.456~832.458~868.458~216.454_4~215.454_4~843.453_5~779.459~889.45j~639.45o~914.45o~629.46n_1~646.4ey~800.4ez~800.4ez~800.4ez~800.4ez~800.4f0~801.4f0~825.4f0~801.4f0~355.4f0~825.4f0~708.4f0~647.4f0~965.4f0~326.4lp~832.4lp~868.4lp~164.4lo_2~165.4lm_4~779.4lq~889.4lt~639.4lz~914.4lz~646.4o3~800.4o3~800.4o3~800.4o4~800.4o4~800.4o4~801.4of~825.4of~801.4of~355.4of~825.4of~598.4of~598.4of~708.4of~825.4of~647.4og~965.4og~646.4vy~646.4vz~800.4vz~800.4vz~800.4vz~800.4vz~800.4w0~800.4w0~800.4w0~800.4w0~800.4w0~800.4w0~801.4w0~825.4w0~801.4w0~825.4w1~801.4w1~355.4w1~825.4w1~801.4w1~355.4w1~825.4w1~708.4w1~708.4w1~647.4w1~965.4w1~863.50h~680.50i~824.50i_2~824.50k~824.50k~863.54d~680.54d~168.54d_1~168.54d_1~168.54e~168.54e~168.54e~168.54e~863.54e~680.54e~863.54f~680.54f~863.561~680.561~166.69j_5~326.69s~832.69s~868.69s~164.69q_2~165.69p_4~779.69v~889.69x_1~639.6a3~914.6a3~415.6b3~844.6b3~844.6b3~783.6bb~863.6tl~680.6tl~863.6tl~680.6tl~168.6tl~168.6tl~168.6tm~168.6tm~168.6tm~168.6tm~863.6tm~680.6tm~168.6tm~168.6tm~168.6tm~168.6tm~863.6tm~680.6tm~863.6xh~680.6xh~598.733~715.733~94.77p~947.78k~573.78k~598.78k~598.78k~598.78k~598.78k~598.78k~598.78k~598.78k~598.78k~113.78j_3~863.78q~680.78q~863.7ci~680.7ci&met.10=1_4.IIItENbwAQj4yQQYgJh1KAE~1_2.IIItENbwAQj4yQQYgJh1KAE~1_23.IIItEAAIABiAmHUoAA~1_22.IM0xEAAIABiAmHUoAA~1_4.IJk7EAAIABiAmHUoAA~1_2.IJk7EAAIABiAmHUoAA~1_11.IKM8EAAIABiAmHUoAA&met.1=1.l50tezbv~6.1~7.2~8.2~9.2~10.11~11.f~12.11~13.p0~14.p1~15.p2~16.421~17.42k~18.42k~19.77p~20.77p~21.77r~22.18s~23.2c8&qqid.7=COHM2KLs1PgCFZeUewodnf0A5w&qqid.11=CJDc6aLs1PgCFcke4AodaIgE_g&qqid.16=CPGnpKPs1PgCFaWdewod8YsLdA&qqid.22=CIPPiqPs1PgCFYox4Aodor4PUw&qqid.23=CITPiqPs1PgCFYox4Aodor4PUw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:19:36 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 8D86 43 B
301 B 81ms
80ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1034476&asId=fe005022-b5be-5472-512a-260e2031f01a&tv=%7Bc:h0Lur1,pingTime:1,time:2084,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:14%7D,%7Bpiv:100,vs:i,r:,t:1082%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1082,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1078~0,0~100%5D,as:%5B1078~300.250%5D%7D%7D,%7Bsl:i,t:1082,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:87,fm:taeo6Fx+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C161%7C162%7C163%7C164%7C17%7C18*.1034476-63675810%7C181%7C182%7C183%7C184,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 09:19:36 GMT
X-Server-Name: dt49.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 8D86 43 B
301 B 81ms
81ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1034476&asId=fe005022-b5be-5472-512a-260e2031f01a&tv=%7Bc:h0Lur1,pingTime:1,time:2084,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:14%7D,%7Bpiv:100,vs:i,r:,t:1082%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1082,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1078~0,0~100%5D,as:%5B1078~300.250%5D%7D%7D,%7Bsl:i,t:1082,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:87,fm:taeo6Fx+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C161%7C162%7C163%7C164%7C17%7C18*.1034476-63675810%7C181%7C182%7C183%7C184,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 09:19:36 GMT
X-Server-Name: dt53.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

Verdicts & Comments Add Verdict or Comment

270 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ad4.on.cc/	1969-12-31 23:59:59	Name: OAGEO Value: DE%7CHE%7CFrankfurt+am+Main%7C60326%7C50.1049%7C8.6295%7C%7C%7C%7C%7C
ad4.on.cc/	1970-01-20 12:55:16	Name: OAID Value: 9b77053a1770d7a342662c90712e8d25
.on.cc/	1969-12-31 23:59:59	Name: __cfruid Value: c056560ff4de3a22dee69b12de88a4f62866954f-1656580768
orientaldaily.on.cc/	1969-12-31 23:59:59	Name: fontsize Value: 18
.orientaldaily.on.cc/	1970-01-20 21:40:52	Name: _ga Value: GA1.3.965798538.1656580769
.orientaldaily.on.cc/	1970-01-20 04:11:07	Name: _gid Value: GA1.3.1680515623.1656580771
.orientaldaily.on.cc/	1970-01-20 04:09:40	Name: _gat Value: 1
.orientaldaily.on.cc/	1970-01-20 21:40:52	Name: __utma Value: 105825373.248626736.1656580771.1656580771.1656580771.1
.orientaldaily.on.cc/	1970-01-20 04:09:42	Name: __utmb Value: 105825373
.orientaldaily.on.cc/	1969-12-31 23:59:59	Name: __utmc Value: 105825373
.orientaldaily.on.cc/	1970-01-20 08:32:28	Name: __utmz Value: 105825373.1656580771.1.1.utmccn=(direct)\|utmcsr=(direct)\|utmcmd=(none)
.on.cc/	1970-01-20 12:55:16	Name: _ss_pp_id Value: 1f5565d8d7c218455701656580771734
.doubleclick.net/	1970-01-20 13:31:16	Name: IDE Value: AHWqTUk4yOvjz5PQi3o1ClO2Gth0aZzNmsU4kFfRtChWgVjqIeePGcLqyvT1TXURUVg
.on.cc/	1970-01-20 13:31:16	Name: __gads Value: ID=7a6045127e940fb5:T=1656580769:S=ALNI_MaKWkbLjd2cIdIMRVa0hUrCpoR9Gg
.casalemedia.com/	1970-01-20 12:55:16	Name: CMID Value: Yr1qpNNk3L3R0qlWOLJacgAA
.casalemedia.com/	1970-01-20 06:19:16	Name: CMPS Value: 5270
.casalemedia.com/	1970-01-20 06:19:16	Name: CMPRO Value: 5270
.adnxs.com/	1970-01-20 06:19:16	Name: uuid2 Value: 2314170888697650319
.3lift.com/	1970-01-20 06:19:16	Name: tluid Value: 1839243077716304220996
.adfarm1.adition.com/	1970-01-20 06:19:16	Name: UserID1 Value: 7114960238924724366
.bidswitch.net/	1970-01-20 12:55:16	Name: tuuid Value: 6dc198e8-409d-409d-a944-37bca9df73b5
.bidswitch.net/	1970-01-20 12:55:16	Name: c Value: 1656580772
.bidswitch.net/	1970-01-20 12:55:16	Name: tuuid_lu Value: 1656580772
.adform.net/	1970-01-20 04:52:52	Name: C Value: 1
.de17a.com/	1970-01-20 12:48:04	Name: guid Value: 1.4574787199946687597
.adform.net/	1970-01-20 05:36:04	Name: uid Value: 4187080123921726737
.adnxs.com/	1970-01-20 06:19:16	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>2jf*fN!]tbPl1M>e)ZlrFUfJ+tGXxp2C`zUQK#BF0?0%<.9.]Y(IJelf]5)s!Ce45%3If)y3KL9D3I?+Rq8(Ve
.everesttech.net/	1970-01-20 12:55:16	Name: everest_g_v2 Value: g_surferid~Yr1qpAAMvsuhvAAo
.agkn.com/	1970-01-20 12:55:16	Name: ab Value: 0001%3AoJUxMX3X91ikmHEbvrwggrRm73zQbXWT
.agkn.com/	1970-01-20 12:55:16	Name: u Value: C\|0CEAqUCckKlAnJAAAAAAAAQ13AQCAAQpAAAAAAA
.quantserve.com/	1970-01-20 06:19:16	Name: d Value: EH4BCQHAJoEA
.quantserve.com/	1970-01-20 13:39:55	Name: mc Value: 62bd6aa4-3f353-b0c74-4b828
.sportradarserving.com/	1970-01-20 12:55:16	Name: zuuid Value: 1fcde351-45af-475d-9cd4-f0f709de55ab
.sportradarserving.com/	1970-01-20 12:55:16	Name: c Value: 1656580772
.sportradarserving.com/	1970-01-20 12:55:16	Name: zuuid_lu Value: 1656580772
.sportradarserving.com/	1970-01-20 12:55:16	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 12:55:16	Name: zuuid_k_lu Value: 1656580772
.casalemedia.com/	1970-01-20 06:19:16	Name: CMTS Value: 1123
.popin.cc/	1970-01-20 12:55:16	Name: uid Value: 1f5565d8d7c218455701656580771734
.on.cc/	1970-01-20 21:40:52	Name: _td Value: d58620e7-ddff-4d83-be3b-ace2f9473dd3
.in.treasuredata.com/	1970-01-20 21:40:52	Name: _td_global Value: 9c98ab0b-045d-4d3b-93e9-7d9a399f2e11

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://orientaldaily.on.cc/js/v3/odn-preloadjs.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.google.com/adsense/search/ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=697&adScreenW=1600(Line 32) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=697&adScreenW=1600(Line 32) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://on.cc/adv/web/corp/source/unicorp_v4.js?(Line 215) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://on.cc/adv/web/corp/source/unicorp_v4.js?(Line 280) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other	warning	URL: https://s0.2mdn.net/sadbundle/4803125007237303047/index.html Message: <link rel=preload> has an invalid `href` value
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GBy9c6q1XsAuxU4G-t70x7DvyXe77NTgd_4VmCc0jwLxyUluMOGqKzXKpHBz68D9LMVzsn-Sxe8V_l77uQkr7wvjs8d6w&google_gid=CAESELIFn-87wNceX2kPlUz5wrk&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

167c42b3174baf5592693078e7da83c6.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
ad4.on.cc
ad6.on.cc
adservice.google.com
adservice.google.de
api.popin.cc
c1.adform.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d.agkn.com
d5p.de17a.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hk.on.cc
hk.popin.cc
home.on.cc
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
in.treasuredata.com
inrecsys.popin.cc
log.popin.cc
netdna.bootstrapcdn.com
on.cc
orientaldaily.on.cc
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r.popin.cc
rtax.criteo.com
rtb.openx.net
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
t.teads.tv
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagservices.com
x.bidswitch.net
104.111.242.245
104.16.169.108
104.16.170.108
104.18.18.126
104.244.36.20
119.63.193.220
119.63.197.136
119.63.198.143
119.63.198.188
119.63.198.189
13.248.245.213
13.32.121.72
142.250.181.226
142.250.184.194
151.101.66.49
172.217.18.98
178.250.0.166
18.196.115.149
185.33.220.100
198.47.127.19
2.18.232.7
2001:4860:4802:32::178
2001:4860:4802:32::3
213.155.156.166
23.35.229.56
2600:9000:223f:3c00:8:48e:53c0:93a1
2606:4700::6811:180e
2606:4700::6812:bcf
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:801::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::200a
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9c
3.122.145.17
34.98.64.218
35.157.96.249
35.227.252.103
35.244.174.68
37.157.5.142
54.175.38.235
54.246.237.93
69.173.144.138
85.114.159.93
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
01101f7383b822ce24d4f2cb22260f25e1536bda83c1872e391a12e5d31f264b
015dbde4dc0e90831887cc21c8f69acc49583cc903d5b1af1f26f4eac6aaab54
01fb24629611503ba4ea42ea9d94c1b82449d62985a6087c5e22e9e38b9b0ff6
0218a32b5c20abf439b8b39ba5b3179019d0d3ad9183ca89bd9ae662fc959f0c
0350eaf35ccdb5e81fd6410f924aa857b491fce3bb1bc48e0935ad2b26a138e9
04a10b98a122cac304f213200a1338aa7b0c7aac308f831b9bb377be6368a6f4
0520780a52a9dc8a8db00c8afe179461d1dd9f4a369bd11c299e45b64aba6dfc
0562ee2f57eca269e43d5dca6e3ca8b5f6351210c5ce5bcc2baaaac68817d15d
07678d180e3556e1ae4e871cc3dd15fdb60e60709a79e424f3675af25a648ce8
0a6bf83e852ce505163230054c023be0afbec473d5eb7c56ba2cea67e236fd8e
0b598afd486f173c5d6bcba3863a904f0494eaf49957fb7c4b534a731cda34d9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0ca49b7de8f5e006ba5eb976937a3f9fb96b05ebfbb11d685c0b21ead94aacaf
0e91e1f5f9ab1b71b71686baf06d7a1661f89786df2019f315b2d3b8d1186f61
10a1c3546508a4f60041203cd2de027ba35189ccac7bcc4701c98ac6595bc434
112aba6073ee49f1843f50fb5239e2d7c8a004325b50bd7f93ab093cb6b72e4b
116b0048cad8af91864a4070f8dea17e735cbc93627d5d411dbd68eda249328e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12bc2a7d3a8d9312b4c57ff96da70a1b5226092ef32924ce7c0fc72137322e6b
1589f2f09497ced0462a32268a796f287a5ab893ce213a8fbf39b233d2fbeb59
176b6e30b48ace76fce19e261ac688bde72e2defab631d9c2fafea242c559714
179e2131f584aaf223928266ff48c9c85106f9412470680dd4c20084d9060898
18576f2a2f7116a6915d3f562fea7b859337c27795401799a9e2ac6c1d8816b4
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1bdc359e1ab84ed9f2a2b77d07208a10d992dcd072bbedb3746d0f4b983fb58b
1de66009eea3c9f435d5bea771a3717b0c9dc7abc9418e9357442c1afec63117
1f9a420d5ee2aac604f4a89e935a225d1bb2ea94837bd96bd84b9186dfbae792
201b64a83ec3a6c9f08e157fbb0d6cbacd971b9fc971c4d4eba6fcefae241cdf
202370a6bb2899416c9ae48d85030b16576d76dd43c21af78ca42e2ecae0e8d5
202f8ae348401e13c3980134f27c2728cd3777f881db4716481f246afd150a34
2120ebbbe270d6417b8d272c6450d10ef0d94235287b3eb2e2c8a52de73cb17e
2139db140b042be2a5bafd65fa757f0eb3cf3e0f97c6a8eec957052530b03d77
21751a2ef69707d95d710a599058bd1ad09a1ee89f84512e5f2291b2b94217db
220e3d1fb930ba0b45cba94fe40aafebc0cc2d9e281acc3c6d2e62ebb4796ac0
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
267567adb4b6505e023e870d208a89492534119bc9e581a7181e11d942ed56ae
289604da149d4c926597504d95b26478070b8aab51605ebd207b033457e8e4e3
28b04b730ec93a432ace59ed70723ac53e3883f180bf8414f22b2fff89cda6a9
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
295426b72ec33667532350cfade43e74c86369c35ed6f230e3996c0197af0118
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2b5514e397dfa4b681f07408e843b186c8e40f0c429e6b956154ac2c385aac34
2dfad8a188d99fe64b68526d69a2ee9edfdbaf5a4d8ca041e0a1ce7f18be4425
2dfaff152d24ca282243ae4f53ae4d50c909e568ada3be8c24ec725ce14f8423
2e35779ee84a092118ffd989f9151fe568a3914da752c1e0047b7b76eb1e5d78
30cf6386a0c3b987faa377e1d12974e66af9dc0f0b13377eb4c1f532980033c3
311ed131ee2d852a3c476f02be22864564ce763ba88903e947cbaaf0c5c9c060
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35019316f13954f4258a8b048c51ae4cbc126bd15b26c3707aaef60debd9cc1e
350b869264924592f82e55d98feaf44ec0dfb85fd76f798503e8c2bc6eb98517
362a819db539b43a089db6fb279b870da7d7ab79d70df11dec2b6f3fce4be612
363cdcdc13363ca0a317e4ac6b82721100ec58593c1cefeafdf6d2f21f56702f
395a0f34c60772ef9d0d85edc258e3e2fa60c919344ae15f53f30df0cad8cad8
3a3495f9b6eecc87d4806359ca818194adf6784c4b1b01c9b27db703aa841468
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3bb9742051b029706b3534865cf015f63a963ec093de84618c80feb3f96cbbf2
3c660dec6cd5e8f9e0b3c518da51439c7a47a1b28da85193926a06b005f0905b
3cd04ebec3c174306715e23ef72e0761d431c71f09664fcd489ecbe5dd3c9dea
3ec407c21aabac0d60779a5fb5e2fa704479d2a474e3b7171dc79293e99c45a2
3eef61507e5ba153c053a683aefc1e14a84044b401e846c5736572094dd2fe5c
4379e471eed46dfb112bc6c7aedbce4360a76d9e33ff2857c43373b8be346443
447bcc77c4e96b5acf7ef62a9c67593cc3a229250facf0ebd1eb5573f7911893
45f029b0dec12e864c693266265b33e968158edb8ae5761c09013c8069544c2d
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff
474f7459231bfb540c70dc42c04766bddc36c1b395846cce58b235940f5149bd
478e9400d4daee656ea306f2d9e1a52e8b79ec2dce734a69104cbc12238afb1d
48deef5a4537b8c2d3bbc1c4cf8b5133ec55fade9fb3ab81bbe36bb4f7cc3f73
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5d4b4b81b4c4c46f266dde325b84e7856fc9dd0bf2e35332edb831ac7afa7c
4b7a5a4cc369fbf887fc098793578f308d0b3e1f51c6fdb5765e5b433e1dfc89
4c3dbb2a992819fe0810a2bb5f48c5789b35daca410ac35c6cdd34bfb488cf00
4d06efef817e189ebc1a9d4a2c74240758b3e7a5546c4ed5a0e114ecb8f75793
4d9c73df8620d65afdfae662bb0ccb6732673273a25727e1b8d5690dfa060cd3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eab78d88f813c020b7df8dfcee7b1d3f2f20f2bf15f9f5979ec5c7d2c628b93
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5124d27328c2f5c4b2a560fe2ad40a2ece04ed9f465f354fa35b741c124fd466
5459851818636571b7286afd1a08ccd3991e479808e70ee8dc7b2ffca2201e63
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ddf015f68354280bc4c8b459b66d8fa3ddaddbdf5de7a76d57b26c22d89776
5577dfc0f7d981f0e52872f70475d085675200dab0f733ba23c4edb03e6124eb
5587ca41f509ea115a518336f6ac6e376379a25fda215b58c4921f84040f0f39
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5627922b3f1c49ed3d43cfb5699e1525ca7de0c6e6791aead848d3e495e268ca
594634cc0b7f37cff08b11778c0f039912467ce455f22b4741fc94da6985695f
5a8c71c4cc7d5565e31fad7dc51eca8c09b8b737ba544f30372411d98a3edba6
5b1582fc9df76f0cab50cedaa2fbe5ec0a9cf52db13e4b98c36b6ee4694abb23
5b4a8698e5c880ff6090a1c0cd2558e42b26c5a1bdf6cb08b9d8f2d78077fdd8
5f6a761102c6ab539f8c8886b76f6c4f92a49955a4bc5fec019a0e741638cac3
61373cb0fa602b4572dde5327f834507ac30f6254df36fe0feab0f03cd02bd11
6140d1d63ab65dcd9bb879fca4815ee8072adf199abdba107021b6950d16ac7b
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6258cf89e1f9160011d8e08cca525e7fd687610408410ceb2b25fbbb7e9b08ca
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c2166c456df16a904a9694bf26fca192b82f6f6000103bce4d84ce2d89527d6
6cb6349d13530a8afd8ced2b6d27ef31640eeea339308ff806fe229be97e2458
6ce9771f22be75ec6fd91a7c31765ce43cf2949b2fa81cba48416569443eb5f8
6da41a737f317453c9f00b4e54e379c16a53c794bff375bfd17d418a82481535
6de2821eb42d0f883a736bb4955b2da02e0ba46794dc618ab35e7b38ad389f29
70981391c8766799262003ec9ea88137126e37529c6ba6b256677e38d0dc4549
710a1d0944895f373adf0e0c726343013e4deb39e09be8e45a276ce8a056368d
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
7700f3825b7ce6c180c377790acc64597f5f00ab11057bc7a95b2ed704a7e61a
77d3a6b19e6eac0ab89be6d6d6754ca0fd0ee47beb8b39350ecc6b534ee95281
798140180b673a00fd9685b6979fc85b9108be61c481ee8ab50e8de4f2ae7b34
79bb7f32bfdac68dae7fe9cb02ee43aeb9e89027cd0c7c06b12660bf95bd6beb
79c369802018b75882ec40d4896c33c99ff78227d8ccce93357fc8167b32d386
7a7c4424e5cb5c21be591baaf6203d2cdf6a50b582dfb077b2cc42d345aa6177
7b721ad5a520ac92408e22a65991fb6d2e6d4fe6c4b443b3f65b778a4726c01b
7b75455f6bc681b8ccf92a51442f1ac2c91fbfe1c813837a9650e975b3456913
7ba85131af42d7740dca489997e5adc1b256163aa7f5c99a20ab5fa830eee7eb
7ded3b5fe5012c95cf55fce4d674274ec122c901a802db7371c89d1cb5179d97
7f4fb07db356f024984914d8364135ac3b56af2a009bdcd335fc6483db4931af
7f67d90d957dd4ee4d98b2aa84d917c435702010342d449a1bdc7fe3b7e1e4c4
80abecfc5aa1510600d13b4ee625ed5a4a115d6bbfdf6009cf2dc3489f2b1217
80b527303614f3950afc1b442881a714307f13c4fe82abafb71e68d33172d6a7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d56754fb658ec50906e682d45d01ec010e2f77d7da69fcc56a85ab276de39b
8480151cecaa2ec2dfebd120841cc5b0655981e12e7ab80354db5669d84f9632
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
8544fa9f4620e661e6b65d5189b43f284d3a23c1e25b5b6e197ddaf6f36b8ab0
863fed36a63359c178627fb9c1c55a6dae814afcb97df4c71ac785397f9e73a5
870afcb46786b2bb14b4513b1fcd75be5b9566019065b696eac3857328c51e1c
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b89cf78a666983a961940e155386b7cbe0f104ded9139a509af316ad266db7e
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
9182241c0821b88dcd3047e50f7301863c71e00818b20ac639cb469a375f2482
92cc22507e69f2baa9a37f4dd7767bad45f4531a1667fd8cfb0665dd7bfd52d1
93a39183c6ae715636ed25fd02d5a1afa92f61c780979f6f48c80b5d4c7482f7
962f187c2e07072183a90cbb92b513e86821baad09eab1d87228745ca6d2f8a9
9674a6e7b407e2b658339481bcc5ded7da98f41075104c83592af4459750db87
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
975765c0fef1b080e3a7137df342f265d483f8c7927b8e10b923b92ebfa71378
981733af320237e1b71663066c5741539c54a8883268bb5e429cb49642f275cc
981a2ca896313448334b155c40c75f1bcd39918b5aefb820415fa142834ec0b1
98f79e72e80267adf8bf25528117eed154dff966cb31838d3c002362ac838bec
99dc0044cfebc1a8906fb5a71be5f41917615a0815955dede34d9406cd6fe053
9a5961396357e863a967803cce166fd3954275ccee1be16f7c75077414216918
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab6ed9795e2f7e4f657148a92d36798a27dd29ab2d4e992fbce352de9a2e42b
9cdfc421265602e0a9c952b7c9e7ee8f58cfbdfb27b0d3649b818ecbb24f8908
9d3c30ad5bbeaddf13c0962cc3586228e77b2f343d3e76e8655e4a3ee487ed52
9de0c8978e69302a3aa776ff407769b18f57ffa7d8122c2da9ef747f93cd43cc
9fa702bcdf3df8c233163b3e5503579bb9109b7f426add09771cb54bbaa0275a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0543b0572fb5233fe7c4004a49e8139cb1ee4ea2ec24485090428692dc25ef2
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12c17ab23790461e677329f9dac5efb0ce19a38fcece15f785ff7f42423cc26
a13295ffa73431bd92a7d3b657fe14eb139a711c435e50a55e919a39190ce112
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a495678c89d05e802b84fd2800489a1e88c55965ccd3f86f1a135be0d2b5075c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a89c5d02602316b77d7d50cb7b8a168c10d707994d6f2aba75788365896bf5ed
a9613f7645c91aacd5d5027d72140f3ffcb148eb265aeee3b529303e28f8bd03
a9d0c7386619ee9332d28a857852f6a36124d7ec75f10fef15d317535242c9b6
aac0db71b09b09fade52f1d6e2cefdff67af34d335855a0d99c8d29fe9c5632b
ab229322552892c8734d333a6b52b479f3d9cf7c8a1fc9cf2d8bd6ba3420284b
aca369b7f67abbc64e8a9f8d2fe01bd42f12105dec97458faf311ad900e7c9be
aca6d2da6e15aaf6a2a3a84aba91a70d97d30f7188bf2526e238bda35fc5d01a
ad81256e507439c190c10486c1461dbf441701364c44a4b435eec9a536db0d79
ae28ac28af4c43157ac63fb87660eeb34c97ccf6ac4a9c7340ae071a96bbfde4
ae3a52c553167c19aa49bd59a0e25f7d89296b539e763c02d3ed1ebcea6b7852
ae90edd3782a0437f89904168af8c601f5c4883c553855d66ba187ad3884119f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af2d583999658b96ba5bc7d5cf834ca654a8930d5937c8f4830ee9c7e6fac5ed
b076cd3e801782f9dc52ec4eb3f9c3a9c493f26277db261453ae6969f463710f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b21fb01bda0d2bb50a6ce7b626741aaade4325e13172db17d42d562c18b1b7c1
b25c86a38b295242f4b357ad3c2bd7f94d52e18d409ddbbaba64b5a5064fa1ce
b2c044e8e8af87330e2c1c28479713e3107e8b9fe79b3a881bcb247902531db1
b50c0a0deb95f235d8a83870eabda247bec8c7c86231c3e47954e328ff1e711d
b85ec12235a456ead5b2370041070fb6cecad1f6db376c484b15f68e0b98b7e0
b93d3e5967f55582e7a0d5ba132316e019653a58e4f33eaf7ecdf9e5332f402a
ba104e26f1a58422fd026da949455e4adba721a24790fda4fc5da242879ba77d
ba4a2ed5c3aaca816b771346b5324c8789fd85d57856a98d5ff07290a19f1b95
bb02904d7b781b74b7ab5506401d37c87203c5d17319eb14676fb865e97684ae
bb34cfc714990dfc7c8b1e82f6ef39a654e92384973be4d3168964f8fd76d5c4
bb6671cf0cbb1c9bc49301806f6d40330f28492a49ea5f9ab42a9c4e2975d26f
bd3871c5dc9d47fd4a3376b505550129eed1ef2bfc201b9b87fb374aed7737d5
bdff3f5fc8a8f8ae1fe38fe4304dec4b67f7bfe4d8c61bd48d02805217cbbd78
be65b1c567e1f7558833b17c954318334b0e687a81cf4b77978460c58d210561
bf8e07f3863a8dc17833864c5f07759dd35fce17a3ac3e382cfa53b0465d4014
c0219a5985044cb8f08471d92d7e8aefcfaeef10634fded92940eeebb1c90699
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
c246f3f250ca5d05f6ff64bce59ae77784df81c151a1c22b9eba36d9e8effd60
c356781e5dffebe24b1c1bb1939a90471a9e09397e2c5d47d385b26fa8fa99ea
c4d14f2c2dc606d17733d321dfbe8b722073a5d64b3cc9b107c09e2a5d263e3f
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
c920a15d16d7dee9a33b74d828f2d11e183b5d9c3f09372403d2476d5bb8a6a5
ca3308cd7b576f05eadbba21318102b7f10def1b3cfea4a00a3840eccbf0ba69
ce2992827ec31555ecc2322286909219f5f67a31a13f8e3d00468a6cab020e35
ce31e17d11533dc96dc7f9bbd4c16adaed1dd4b16b41688e5468055eb073d949
ce61748ce893b3ec7b81cd022f4a9ed673ab4c118f5cff9a4c72a2160d04b496
d00ef9f9dce166845458fc99049b500dd07238787ccc25da41ea7f9ac7fe7b5d
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1bf5e901abfea769b7f81433070c2a4ea7f261d2726c4f6c078429604f7c843
d396a425aff7d36f065e55309236b089969a477738f1540f948df56853fe2127
d479a01123d8574e81f3e4fcd8445a067484e24ac7c62ac20b59576a2781b2f7
d4c9e237182baafe9273e1a0dbe7f8b6814c885a11c842fc879b0939c74cdccd
d82509736b98cf5d93d49f053ced5702fd9ca35deb0d590aa2d3a52e176eab22
d9c56677f5e4bf4db2d10b3e4251337f9c954733c8b35b24f6861cf634ae42a9
dbbdfd3cc8ecc010a5a3c55865a859b44008d80f04627faefb09e726139d0feb
dc5e0245a9f89d144afabfb55c88f190a4153ad8c3baa67e340a2a7715a64940
dd713d7980c21296da0a550b57782bb190e1677c630acaf0d10bb1ca0c25a4b6
deebccefdbb9e3846fb52bdeb875696fa33b4fcafb00d83ac8f89631084df26b
e0b3331d76baa17e23051e7d2f5dac01e76bcaf64ff5a031861b0021607274b3
e1800b1aae8b82ca1b555d3a270660961aa37a1a0d27f9f84497dcd773fda3d0
e24c6b826387497797006470ae32b9aebd25b9fe98231c577041a6ee0cdf5e2b
e26801b344d9fb191aa53ea743d2d8b5f4888cebac66ce1128f63078aa53f750
e2b9ea9245c4626f826a0b9bfb7dca8c879c51cf9a351df7ecd1fccbdae2f87a
e2ba400a3542c7f986dd240f2def70cc8d021912a6376e6da574c28630a67b3b
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e32b017a5bc36cfd7104924ee59da3e015206b7be6132b36f5951b0e7775c4c6
e3abbdee23923fff731b29b9af1621396fb5266a78bc8a4cdfbf70cb47993fdc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e49484c10289ade69f6793b62747c2853739f9b850609c85bd271b0eb43724bf
e645aa1499532236c890f328050813c6ae0129adec27552918a58e0a62b12f57
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e88277fb3af2797ea1ed8f612de86557d5926a94711f895adb28a09be31defd6
ea7e05189d5512150dd04b56e523912e88c39d276da17c0e56ba2356ba785d64
eb8eba1460c995cb48cfbbbdd9f304a41a53320d9bfa6ce9ad0fa841b81b5e76
ed3376d25fca09028fe41665e52559bb88177ac13dfbbeac9dd28716bc0df000
ed576e777684a152c09382fc3dd3a133665aaa5550e2480c1078a603b5cc5ac7
ed589f2773c7f62a29c7691a961a85c95ac374c666dec2d6eb6a1abd0350a65e
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eed02bbf05669a57c9fa23730f523ae85f4331eb7229d0b1eb7b047bec7cc00b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f67310a50c4720ca438927ad499f0eb5adf421b8106f950d4b4a3d4a7575ce
f419e7307780a5eaf54c57408a025126ac694c9ff59dc40982807ea16e4bfff2
f4a56f1a7b79de5f9e93d27a5c93b999ff979aad3d42e556a9a0e657d0803cfc
f6cc49410ee432f3b856aa90ef24fd7fa01c8097164a87a6d5da45e1f461408e
f8b4e204fa4f21d50c68e41e6e77a807c1374c45c0c9548542b0c4d84dd31528
fad626d16534695b831ff183de1c5fda2de8f081c23b790313a75b786063b416
fc48b7c9856fd04e9b657943d039fa00c9171fb2fed4e70f2fb0a0f9d8d5140d
fc5f43aeb0f7b3d6beb24841027dd070d88ae08c7529e3a50f4cd0fae5105e01
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84
ff52e77e92ebac2ac40d34ba22d46a973f17759427f09c374b55e1e1c0bc954d
fff0e21870bb047343bb423f7d2526b209c74bdd7e22faf10cfad8042a9184dd

orientaldaily.on.cc Open in urlscan Pro 104.16.170.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

381 Requests

94 %HTTPS

35 %IPv6

34 Domains

57 Subdomains

43 IPs

10 Countries

4161 kBTransfer

9084 kBSize

41 Cookies

66 Outgoing links

Redirected requests

381 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

orientaldaily.on.cc Open in urlscan Pro
104.16.170.108 Public Scan

Screenshot
Live screenshot

Full Image

381
Requests

94 %
HTTPS

35 %
IPv6

34
Domains

57
Subdomains

43
IPs

10
Countries

4161 kB
Transfer

9084 kB
Size

41
Cookies

381 HTTP transactions
5 data transactions