orientaldaily.on.cc Open in urlscan Pro
104.16.169.108 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%9...
Effective URL:
https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%9...
Submission: On June 30 via api (June 30th 2022, 9:55:56 am UTC) from SG — Scanned from DE

Summary HTTP 388 Redirects Links 66 Behaviour Indicators

Summary

This website contacted 41 IPs in 10 countries across 34 domains to perform 388 HTTP transactions. The main IP is 104.16.169.108, located in and belongs to CLOUDFLARENET, US. The main domain is orientaldaily.on.cc. The Cisco Umbrella rank of the primary domain is 152416.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2022. Valid for: a year.

This is the only time orientaldaily.on.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
159	104.16.169.108 104.16.169.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	178.250.0.166 178.250.0.166	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
34	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
12	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
3	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
4	119.63.193.220 119.63.193.220	38627 (BAIDUJP B...) (BAIDUJP Baidu)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.89.28.165 104.89.28.165	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	119.63.198.189 119.63.198.189	38627 (BAIDUJP B...) (BAIDUJP Baidu)
7	119.63.198.143 119.63.198.143	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.170.108 104.16.170.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
9 32	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
6 10	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
33	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 3	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
2 2	34.251.55.128 34.251.55.128	16509 (AMAZON-02) (AMAZON-02)
3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
5 5	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	52.207.58.221 52.207.58.221	14618 (AMAZON-AES) (AMAZON-AES)
3	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	119.63.197.136 119.63.197.136	38627 (BAIDUJP B...) (BAIDUJP Baidu)
2 2	3.122.145.17 3.122.145.17	16509 (AMAZON-02) (AMAZON-02)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:ead7:db0a:c4c5:a8bc	16509 (AMAZON-02) (AMAZON-02)
1 1	54.194.128.132 54.194.128.132	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:c000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	104.92.106.130 104.92.106.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.247.9.43 34.247.9.43	16509 (AMAZON-02) (AMAZON-02)
1	213.202.235.8 213.202.235.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	3.127.61.11 3.127.61.11	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.167 213.155.156.167	1299 (TWELVE99 ...) (TWELVE99 Arelion)
388	41

159 104.16.169.108 (None, )

ASN13335 (CLOUDFLARENET, US)

orientaldaily.on.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hk.on.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
on.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
home.on.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4.on.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad6.on.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.166 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtax.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.89.28.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-28-165.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

hk.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.170.108 (None, )

ASN13335 (CLOUDFLARENET, US)

hk.on.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 142.250.185.162 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.18.126 (None, ) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.221.90 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.55.128 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-55-128.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 198.47.127.19 (United States) 5 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.207.58.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-58-221.compute-1.amazonaws.com

in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.197.136 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

inrecsys.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.145.17 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-145-17.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:ead7:db0a:c4c5:a8bc (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.128.132 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-128-132.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:c000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.106.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-106-130.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.9.43 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-9-43.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.8 (Herrischried, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.61.11 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-61-11.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-167.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
160	on.cc orientaldaily.on.cc — Cisco Umbrella Rank: 152416 hk.on.cc — Cisco Umbrella Rank: 96255 on.cc — Cisco Umbrella Rank: 54280 home.on.cc — Cisco Umbrella Rank: 226004 ad4.on.cc — Cisco Umbrella Rank: 239516 ad6.on.cc — Cisco Umbrella Rank: 185427	2 MB
63	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 119 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287	354 KB
58	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	619 KB
33	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	684 KB
16	popin.cc api.popin.cc — Cisco Umbrella Rank: 20157 hk.popin.cc — Cisco Umbrella Rank: 250540 log.popin.cc — Cisco Umbrella Rank: 21129 r.popin.cc — Cisco Umbrella Rank: 22605 inrecsys.popin.cc — Cisco Umbrella Rank: 24171	122 KB
16	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 8 adservice.google.com — Cisco Umbrella Rank: 92	54 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576	9 KB
9	google.de adservice.google.de — Cisco Umbrella Rank: 7751	2 KB
7	teads.tv a.teads.tv — Cisco Umbrella Rank: 1237 t.teads.tv — Cisco Umbrella Rank: 2210 sync.teads.tv — Cisco Umbrella Rank: 938	133 KB
5	pubmatic.com 5 redirects image6.pubmatic.com — Cisco Umbrella Rank: 629	2 KB
5	openx.net rtb.openx.net — Cisco Umbrella Rank: 1589 us-u.openx.net — Cisco Umbrella Rank: 387	900 B
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	5 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	170 KB
3	everesttech.net 3 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3023 sync-tm.everesttech.net — Cisco Umbrella Rank: 612	1 KB
3	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 1107	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4852	651 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 801 r.turn.com — Cisco Umbrella Rank: 2975	869 B
2	demdex.net 1 redirects skydeutschland.demdex.net — Cisco Umbrella Rank: 86800	2 KB
2	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 536 static.adsafeprotected.com — Cisco Umbrella Rank: 562	690 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1872	1 KB
2	agkn.com 2 redirects d.agkn.com — Cisco Umbrella Rank: 557	1 KB
2	treasuredata.com in.treasuredata.com — Cisco Umbrella Rank: 3986	875 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 336	919 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 134	2 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	28 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 367	265 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11552	1 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1383	297 B
1	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 4115	8 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	248 B
1	criteo.com rtax.criteo.com — Cisco Umbrella Rank: 24046	84 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
388	34

	Domain	Requested by
63	orientaldaily.on.cc	orientaldaily.on.cc
46	on.cc	orientaldaily.on.cc on.cc
34	pagead2.googlesyndication.com	orientaldaily.on.cc ad4.on.cc pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com cdnjs.cloudflare.com www.googletagservices.com securepubads.g.doubleclick.net 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com s0.2mdn.net
33	s0.2mdn.net	orientaldaily.on.cc s0.2mdn.net 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
32	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net orientaldaily.on.cc 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
32	hk.on.cc	orientaldaily.on.cc on.cc
21	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com s0.2mdn.net
16	ad4.on.cc	orientaldaily.on.cc ad4.on.cc cdnjs.cloudflare.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com orientaldaily.on.cc
11	securepubads.g.doubleclick.net	ad4.on.cc securepubads.g.doubleclick.net
9	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
9	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
7	log.popin.cc	orientaldaily.on.cc
7	www.google.com	1 redirects orientaldaily.on.cc googleads.g.doubleclick.net tpc.googlesyndication.com 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
6	googleads4.g.doubleclick.net	orientaldaily.on.cc
5	image6.pubmatic.com	5 redirects
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
4	api.popin.cc	orientaldaily.on.cc api.popin.cc
3	r.popin.cc	orientaldaily.on.cc
3	rtb.openx.net	googleads.g.doubleclick.net 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
3	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
3	a.teads.tv	ad4.on.cc a.teads.tv
3	40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	d5p.de17a.com	2 redirects
2	x.bidswitch.net	2 redirects
2	skydeutschland.demdex.net	1 redirects 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	d.agkn.com	2 redirects
2	in.treasuredata.com	api.popin.cc
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	pixel.everesttech.net	2 redirects
2	www.google-analytics.com	on.cc www.google-analytics.com
2	sb.scorecardresearch.com	on.cc orientaldaily.on.cc
2	t.teads.tv	orientaldaily.on.cc
2	cdnjs.cloudflare.com	ad4.on.cc s0.2mdn.net
2	home.on.cc	orientaldaily.on.cc
1	match.adsrvr.org	40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	r.turn.com	40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	m.exactag.com	40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
1	static.adsafeprotected.com	40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
1	pixel.adsafeprotected.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	inrecsys.popin.cc	orientaldaily.on.cc
1	netdna.bootstrapcdn.com	orientaldaily.on.cc
1	hk.popin.cc	api.popin.cc
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ad6.on.cc	orientaldaily.on.cc
1	rtax.criteo.com	orientaldaily.on.cc
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
388	57

This site contains links to these domains. Also see Links.

Domain
epaper.on.cc
hk.on.cc
racing.on.cc
football.on.cc
money18.on.cc
www.facebook.com
traffic.popin.cc
trace.popin.cc
www.webforall.gov.hk
ad.on.cc
oeh.on.cc
member.on.cc
on.cc
tv.on.cc
p18.on.cc
orientalfa.on.cc
classified.on.cc
home.on.cc

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-10` - `2023-06-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.popin.cc DigiCert Secure Site Pro CN CA G3	`2021-10-22` - `2022-10-22`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.treasuredata.com Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-16` - `2022-09-14`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Frame ID: BBD0F8E19930EB64A0A481560267BB27
Requests: 226 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/zrt_lookup.html
Frame ID: 1BB7EDD6E5BBC83F0BE1F70C9B18768C
Requests: 1 HTTP requests in this frame

Frame: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D2321F3B3AF60D2EAC242F3F1AC2A873
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&adk=1812271804&adf=3025194257&lmt=1656582946&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656582946771&bpp=2&bdt=4498&idt=91&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46f1c4f1af7d2b8e-222913e4c2cd0005%3AT%3D1656582944%3AS%3DALNI_MbrsauRIB-DaQfLBc2VJDcMTiIQJw&nras=1&correlator=5216671937182&frm=20&pv=2&ga_vid=1106156460.1656582945&ga_sid=1656582945&ga_hid=1738100419&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067528&oid=2&pvsid=1096025088954002&tmod=616171689&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=110
Frame ID: DFCDDE9811F44A6D6185AE3A4D911AC0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=90&slotname=4687187148&adk=190292511&adf=3572679136&pi=t.ma~as.4687187148&w=728&lmt=1656582947&psa=0&format=728x90&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656582947655&bpp=9&bdt=5383&idt=9&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46f1c4f1af7d2b8e-222913e4c2cd0005%3AT%3D1656582944%3AS%3DALNI_MbrsauRIB-DaQfLBc2VJDcMTiIQJw&prev_fmts=0x0&nras=1&correlator=5216671937182&frm=20&pv=1&ga_vid=1106156460.1656582945&ga_sid=1656582945&ga_hid=1738100419&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067528&oid=2&pvsid=1096025088954002&tmod=616171689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&fsb=1&xpc=mP2XPgQQfY&p=https%3A//orientaldaily.on.cc&dtd=24
Frame ID: B0FD78A7AA0986C1AA40B451A55A924F
Requests: 15 HTTP requests in this frame

Frame: https://orientaldaily.on.cc/js/v3/iframe_ysm_utf8.html?device=desktop&section=finance&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE
Frame ID: B04BDEF9C4EEBD05F473A2188EA8BB6A
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXxXe3UL3HJu_O0XMhOQwfrK3D2uDNjklBHKcuGnDL44PLOYalrmZZSIjME55g_zr-PXIuvO_O_xEIjVKv09Y9gGvLmwAkaNcWHj-Wa2d6ra1RnERHppsr8jG4sZ0pU98u4Kl6UjSopsUQlRSco8KukgxEg6df_5eRr5eyXvwMKZWlUGXs
Frame ID: E55009AAA1475B6DCA9E2CE21F67CA9D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3BF3568691D90DE8E38FCAABCABB9497
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EC59E60FF9661B2645E31A58A677B2CB
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html
Frame ID: FAC2982EBF266A35D6FEF128443EE092
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3565501396&adf=356650500&pi=t.ma~as.6393984442&w=300&lmt=1656582949&psa=1&format=300x250&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656582949106&bpp=2&bdt=6834&idt=2&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db15a9a9afd32aff0-22f10ef3c2cd0054%3AT%3D1656582945%3AS%3DALNI_MbaZIbGHyVbYwlxTDheFZ1wlx3v_g&prev_fmts=0x0%2C728x90&nras=1&correlator=5216671937182&frm=20&pv=1&ga_vid=1673556023.1656582948&ga_sid=1656582948&ga_hid=1738100419&ga_fc=1&ga_cid=1106156460.1656582945&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067528&oid=2&psts=AGkb-H_osKdvJFBc72kOxRRZyW8AyB59_m4FGhaVxWaPhXQdsdL8DATrXKMaltS4Qyv4-tVbp6AZtypo_YhXgWr-&pvsid=1096025088954002&tmod=2031454087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=ygBxarN53i&p=https%3A//orientaldaily.on.cc&dtd=11
Frame ID: 7B7210F11B7F30E766EE076BC570DA08
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B9E09D92640DCCB31DF4ADE19118112F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7EFB2F34345F653B74451A85B789F202
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Frame ID: C01186F2523950E2B0A2522790FDDC39
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 841C41B8DB6D44B9BF90F63EB5967BF8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F342CFA312D21CB531C8DFA38C3213AB
Requests: 2 HTTP requests in this frame

Frame: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8BA1E24B61272E3878ACCD49FDB98EAC
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNVZJU4unB-heOBwoW4X-Dg5vSOEuFHmXtjmQT8JfEKXjCNo5oUnhwYZRdSOp0YvmDSqz8yFNo3vhAnzickr2JPAjTFrhvjvxm4qm9r333SDV8iYZXEpBfEr5mx2KXkedZR1NM-Pw1_qYzQl7f-rwB1B-TOBGs7Gi_1q0ExtjNciJb2Q24g
Frame ID: E57EA5F59385136AFFCD2F280F420058
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 54AF86872D71735623BEC22341D04A11
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 87552624EF0FFFAEC3C09A30CF450FD4
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
Frame ID: E541E7571AFFFE70864D205D96C05DB3
Requests: 11 HTTP requests in this frame

Frame: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D1C0F0BE3D6BAAC3D600736B54C3FBEF
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLeq9sUBMAE&v=APEucNXK50sdW1VR1x_PFnIMSoAt1Wg_J6ZgUxJ9O8-2fHV7KhZJnb6MNbn_lKFUh1HoniVx4nxzk0x__k2aRJ_nIUKtCkcN-GtbUZh-ugM7dTtGrClHG2hySEsNOcEFOHOxsMeMtT9Derq5NNkXwySke4JWMyhWu2zfyH6hWpItB3kroLkgbAs
Frame ID: 78535B597269D676FCD299A2FB587BDE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9ED9D3D06BCAE7C03F6A2B9CC02A529B
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=4wdzicLBxf&t=1&renderingType=2&ev=01_247
Frame ID: 00E9BA58CABC3556E2DB200725174B21
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5E22FF76FDC48B7AD6C08A0184B45A48
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Frame ID: C113174D28694589005C8ED5B3E8BBA7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

渣打擬再整合印度貸款 - 東方日報

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

388
Requests

91 %
HTTPS

35 %
IPv6

34
Domains

57
Subdomains

41
IPs

10
Countries

4295 kB
Transfer

8971 kB
Size

52
Cookies

66 Outgoing links

These are links going to different origins than the main page.

URL: https://epaper.on.cc/odn/
Title: 電子報

Search URL Search Domain Scan URL

URL: https://hk.on.cc/
Title: 即時新聞

Search URL Search Domain Scan URL

URL: https://hk.on.cc/ireport/index.html

Search URL Search Domain Scan URL

URL: https://racing.on.cc/
Title: 馬經

Search URL Search Domain Scan URL

URL: https://football.on.cc/
Title: 波經

Search URL Search Domain Scan URL

URL: https://money18.on.cc/info/hk/liveinfo_quote_02888.html
Title: 02888

Search URL Search Domain Scan URL

URL: https://www.facebook.com/money18
Title: 「東網Money18」fb專頁：有討論、有分析，齊來FUN享，贏盡●你Like

Search URL Search Domain Scan URL

URL: https://money18.on.cc/info/liveinfo_idx.html
Title: 即時港股指數資訊

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220402-0402_00202_004%2F%25E5%258C%2585%25E5%25A4%25A7%25E8%25A1%259E%25E8%25A8%25BC%25E5%2588%25B8%25E5%2580%2592%25E9%2596%2589-%25E5%25B9%25B4%25E5%2585%25A78%25E5%2588%25B8%25E5%2595%2586%25E7%25B5%2590%25E6%25A5%25AD

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00204_042%2F%25E4%25BA%258C%25E6%2589%258B%25E5%2583%25B9%25E9%2587%258F%25E9%25A9%259A%25E5%259A%2587

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220629-0629_00202_044%2F%25E5%2585%25A7%25E5%259C%25B0%25E4%25BA%25BA%25E8%25A2%25AB%25E7%25A6%2581%25E5%259C%25A8%25E6%25B8%25AF%25E5%258F%2583%25E8%2588%2587%25E6%25BB%25AC%25E6%25B7%25B1%25E8%2582%25A1%25E9%2580%259A

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220621-0621_00202_001%2F%25E9%2580%259A%25E8%2584%25B9%25E7%25BA%258C%25E7%2599%25B2-%25E7%25A6%258D%25E5%25BB%25B6%25E6%2595%25B8%25E5%25B9%25B4

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=iDLUEYnt1PIepK9KhNvLuRJZ5Th73CA1M6UDJbOEAI4&evt=102&rid=733e216b-21a9-4022-85ab-8eaa790f0cb5&campaignid=1311437&impid=popin-orientaldaily.on.cc_hk-1&offerid=20608493&test=0&time=1656582947&cp=ztCSgLmd2-RTx7BCCgyd3U45GPGHSfwmPX-Frmjg59I&clickid=45_733e216b-21a9-4022-85ab-8eaa790f0cb5_popin-orientaldaily.on.cc_hk-1&acid=19738&trackingid=627e8ef395c3bc3d8b08743cd149260a&uid=aa62cd9311902212e5f1656582947164&jt=2&url=RDjdyTnYH7aWfffjN8L793Oik17Xt3QcEfP34XwSP0KE5xEVe4qVyKUw4UzSy7PkpNMuuL0BVJutFIIvFc9FujqewPwMCpo9rhwyAHcf6RuXeoeY_ZkleZxy1U8amjLqCOkPa0_oiJ2Zm7HafX2vXy_wIaH0rOyQFDAf7volTgD9QWaNlkZcpZkcXNF1Bt-18U8HpBEa2HraRVPmuD2grrzbWbBqUcZA67O06X3fl3Lvfw6fvnsqb8PP3tbQSt66colFu4fhF89kwhAjaQN8V_7Xmp6fbrzGIUBdvXdWiQMbBucPnkUWJp1xEySqNgDl4_g5mehAT7XqkE1uAMIBQ2V4jBOeFhoHg8iSYG35ZEcqknYT6mEdmf3Om-2hgR3aEDNoxaY6Azka3AvghY0yz-qZj27h6phH03KNvsl-MqJaE-nDrHW-7wNYrafZucxydmN1A1w5zENK17q0hvdJ6hV6AadglOS6kC_OKOKvfJGn95nNDb50gVtKw0sXsOssEPAyf1uOUn--a7se46tqSIbzBWOvxznj2gsXz9dX8hhVcOP87B6rQoS7PeBLYZ1R2Xe4_v8rIjfHUF3fE-xM0Ahtq7unWxej80WqO2XRquY&bm=2&la=de&cn=hk&cid=3820190&info=wrPM-pEdtDBJ1HnyLgDtETotW1bd7J_AvWZ9Hfw7bRk&sid=12__24__49__84__1__83&sp=iDLUEYnt1PIepK9KhNvLuRJZ5Th73CA1M6UDJbOEAI4&scp=uY89WUsGjs36ev9m9CwlBYabRKbpjgxGAxvU5ZjgQnM&acu=TWD&scu=USD&sgcp=ztCSgLmd2-RTx7BCCgyd3U45GPGHSfwmPX-Frmjg59I&gprice=iDLUEYnt1PIepK9KhNvLuRJZ5Th73CA1M6UDJbOEAI4&gcp=uY89WUsGjs36ev9m9CwlBYabRKbpjgxGAxvU5ZjgQnM&ah=hk.popin.cc&pb=m&de=orientaldaily.on.cc_hk&cat=business&iv=1&uidct=1656582947164&uu=aa62cd9311902212e5f1656582947164&tst=1656582948527&ppvs=6&tss=5&aps=1&rp=5&fs=3&bs=3333&caid=standard_pc_4x2

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=bVh6bSd9vE2IHAuPYFiYOdIcxlaZyyaqnLNCie04ttI&evt=102&rid=733e216b-21a9-4022-85ab-8eaa790f0cb5&campaignid=1083453&impid=popin-orientaldaily.on.cc_hk-1&offerid=15426859&test=0&time=1656582947&cp=jxtiLHz4UwEZfCZYWIw2s_1mBLuIA0Cq3RUOitLDa_A&clickid=45_733e216b-21a9-4022-85ab-8eaa790f0cb5_popin-orientaldaily.on.cc_hk-1&acid=1048&trackingid=e30de51c388b6da5f71e2b3566885719&uid=aa62cd9311902212e5f1656582947164&jt=2&url=UZgDq5dnusX-vorlfGPIMSnXmUZWav9zaS7luUmP5o4ExwZbyoSpbT3xj6v1Udqjovf6iNMTpmzPxdAT2aHI3_k0lPW79_zDlZ-6dXsBLaM0PsxXDzwCh4AxCMOeTS2U5SuizJseSPE3hLNR_BGH14GNo46CWIyJ3UGu1taKq78lL7rTgUNcGyRRdy4es1psrk2uoFvuhOhqnc-tPrU8mwn3KVuuCHwSASjJAdQQmBzUmDPCpnYU9oAZqLJ8haf4yWmI6VtEupvwZSspag5R92DL3hmMWhhmeyuyuNIB6Up-q-ODGtzM0evD4r4_fpqpTSSnrEoChjKcj_MD3KhimLJYKKF9Ch41AX5DDGIWV854ZCP1oTjDctrAVHn0NuqsF3-xfg1idY_VtKjJ6LKF5L-SmfwhZ80tPzPKTPFRIg7EZoBqppoxHWTOR_Fol3uZeX49gl5lFH1tWkGROE9fv463e7treWycVLVytwm8keXT3FEh-fcwhIJUZ03_MGjDUx4yMX1UTtWlaWqX9Zu-BHRk7zNBEecWl7IeVMrO1pk&bm=2&la=de&cn=hk&cid=3546958&info=9M-xfJwd-UJZL2K0kUV_3UL7McPsPjLG4QLPCdNzUxo&sid=12__24__49__84__1__83&sp=bVh6bSd9vE2IHAuPYFiYOdIcxlaZyyaqnLNCie04ttI&scp=jpv_iNiEooncgwdLrozcrh2BwiaG-pX6bSa-s0UNaYQ&acu=HKD&scu=USD&sgcp=jxtiLHz4UwEZfCZYWIw2s_1mBLuIA0Cq3RUOitLDa_A&gprice=bVh6bSd9vE2IHAuPYFiYOdIcxlaZyyaqnLNCie04ttI&gcp=jpv_iNiEooncgwdLrozcrh2BwiaG-pX6bSa-s0UNaYQ&ah=hk.popin.cc&pb=m&de=orientaldaily.on.cc_hk&cat=business&iv=1&uidct=1656582947164&uu=aa62cd9311902212e5f1656582947164&tst=1656582948529&ppvs=6&tss=5&aps=2&rp=6&fs=3&bs=3333&caid=standard_pc_4x2

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=TDoINxhzG1ulXzEeps13SAsTICAOAMc-64153DdH3nA&evt=102&rid=733e216b-21a9-4022-85ab-8eaa790f0cb5&campaignid=1090509&impid=popin-orientaldaily.on.cc_hk-1&offerid=13887340&test=0&time=1656582947&cp=8GlgfjhSnR2D08PggE76ilQAl0uI_jQY5Gscx5LUFVQ&clickid=45_733e216b-21a9-4022-85ab-8eaa790f0cb5_popin-orientaldaily.on.cc_hk-1&acid=1048&trackingid=7e24a776c5c7cb5fdc186fe661cc84be&uid=aa62cd9311902212e5f1656582947164&jt=2&url=gw3rouc2wD48J4J0mt2LOcCHHV2rmy-7QxuV7NC9A1OOXFJEI7BMPMQFDdvCKlSyfWPuajya6z_mZKsVxXu4xGvLS7zqNbu4nbdv5wHJQ9WkN7CxIhmi7efjHHmcagGxowGJLOtxWghQsFq15qZ5peV8lH2cPEIflZudkfbb-cVsCJzSPjgZHHBkPWjQeg-31TN48SILHpD1yCXY-DU1u6PNRLHhiJVQNkOlDzj2znobMcRhg6YCj79mMw4KmGoJZRVbJ8wP3WmOI-Rj0r80-Gf_osKyI5xdeZGCAl9fI65i8fDEPzOy4fA2U126oLWniFZXVY8PB7BXfmdQ4M0vsyM08mnTPm8HaWzEPmVdl-B9QdCDKRMmyYo5VaBS6OsXDCRG0IoL9EVjSvc6H3BEhhePAYBGfg4W2C3AXglKo_1Bls00oPBa4rzluyvVhteoy9nCcM4dQhIX5Dr7DUFdf7vZoBWmV4W2PZKyPwEyg2UXNVXmRpf-cY08JlLN-3n1qXY4gFqaJF3IUfVNENdQQiZwFBZEplIMkslRalunHfy-EGsukMCtvOTqMTrh5vH5tiBC1kZJF342xmm3D8emAg&bm=2&la=de&cn=hk&cid=3464493&info=FZYm-_WebYACKoglbQGxp9yJph5A-R8jR2yVGbxkLmU&sid=12__24__49__84__1__83&sp=TDoINxhzG1ulXzEeps13SAsTICAOAMc-64153DdH3nA&scp=kG_-he4FBq4_qcc-oqWFhddwhKndcjOT_2b_ugCvZ6Y&acu=HKD&scu=USD&sgcp=CMTXrr22nDhyOpRwAkMBbhlNSJfgqqK0wxPg3so1GJ0&gprice=TDoINxhzG1ulXzEeps13SAsTICAOAMc-64153DdH3nA&gcp=kG_-he4FBq4_qcc-oqWFhddwhKndcjOT_2b_ugCvZ6Y&ah=hk.popin.cc&pb=m&de=orientaldaily.on.cc_hk&cat=business&iv=1&uidct=1656582947164&uu=aa62cd9311902212e5f1656582947164&tst=1656582948530&ppvs=6&tss=5&aps=3&rp=7&fs=3&bs=3333&caid=standard_pc_4x2

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220629-0629_00202_001%2F%25E6%25A8%2593%25E5%2583%25B9%25E5%25A4%25A7%25E9%2591%258A-%25E5%2585%25A9%25E5%25B9%25B4%25E6%2581%2590%25E5%2586%25A720-

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220629-0629_00202_003%2F%25E5%2585%25AC%25E5%25B1%2585%25E5%25B1%258B%25E9%25AC%25A5%25E5%258A%2588-%25E7%25BF%25A0%25E6%259E%2597%25E9%2582%25A8%25E6%259C%25AA%25E8%25A3%259C%25E5%2583%25B9%25E6%25B8%259B9-%25E7%258D%25B2%25E6%2589%25BF%25E6%258E%25A5

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220616-0616_00202_021%2F%25E6%25B3%25B0%25E7%25A6%25BE%25E4%25BA%25BA%25E5%25A3%25BD%25E6%25AF%258D%25E4%25BC%2581%25E9%2581%25AD%25E9%25A0%2592%25E4%25BB%25A4%25E6%25B8%2585%25E7%259B%25A4

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00210_045%2F%25E5%25B0%2588%25E5%25AE%25B6%25E9%25BB%259E%25E8%25A9%2595%25EF%25BC%259AETF%25E9%2580%259A%25E5%258A%25A9%25E4%25B8%25AD%25E6%25B8%25AF%25E5%25B8%2582%25E5%25A0%25B4%25E5%258D%2587%25E7%25B4%259A

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00204_041%2F%25E6%2596%25B0%25E7%259B%25A4%25E7%2599%25BC%25E5%258A%259B%25E6%2590%25B6%25E5%25AE%25A2

Search URL Search Domain Scan URL

URL: https://money18.on.cc/

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630115801289-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630142124688-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630151705577-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630160800461-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630124400486-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630162008408-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630092056453-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630095137284-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630113536557-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220629/bkn-20220629212946651-0629_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630091918911-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630161151328-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220629/bkn-20220629193345971-0629_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220629/bkn-20220629204536636-0629_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220629/bkn-20220629165639908-0629_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630161546102-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220629/bkn-20220629230655686-0629_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630120658398-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630144018172-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630113947929-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630120902931-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630104206813-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220629/bkn-20220629000514619-0629_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630111514399-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630162031461-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630144023455-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220628/bkn-20220628221546974-0628_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630132540468-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630142847016-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/bkn-20220630154313212-0630_00842_001.html?refer=hn1

Search URL Search Domain Scan URL

URL: http://www.webforall.gov.hk/tc/recognition_scheme

Search URL Search Domain Scan URL

URL: https://ad.on.cc/
Title: 廣告價目

Search URL Search Domain Scan URL

URL: https://oeh.on.cc/tc/contactus.html
Title: 聯絡查詢

Search URL Search Domain Scan URL

URL: https://member.on.cc/
Title: 會員通訊

Search URL Search Domain Scan URL

URL: https://oeh.on.cc/tc/copyright_crindex.html
Title: 版權收費

Search URL Search Domain Scan URL

URL: https://oeh.on.cc/index.html
Title: 企業關係

Search URL Search Domain Scan URL

URL: https://on.cc/disclaimer/index.html
Title: 免責聲明

Search URL Search Domain Scan URL

URL: https://tv.on.cc/
Title: 東網視頻

Search URL Search Domain Scan URL

URL: https://epaper.on.cc/
Title: 東方日報電子報 • 刊物

Search URL Search Domain Scan URL

URL: https://p18.on.cc/
Title: 搵樓18

Search URL Search Domain Scan URL

URL: https://orientalfa.on.cc/
Title: 東方融資

Search URL Search Domain Scan URL

URL: https://classified.on.cc/
Title: 分類廣告

Search URL Search Domain Scan URL

URL: https://on.cc/appdownload/index.html

Search URL Search Domain Scan URL

URL: http://home.on.cc/disclaimer/index.html
Title: 使用條款及細則

Search URL Search Domain Scan URL

URL: https://on.cc/mem/respons.html
Title: 私隱政策聲明

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 218

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDUcE7uqXpjvsbXBzyigMIk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDUcE7uqXpjvsbXBzyigMIk&google_cver=1&C=1

Request Chain 219

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yr1zJClV1LElFqjpreatSwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDUcE7uqXpjvsbXBzyigMIk&google_cver=1

Request Chain 220

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGAPcmksY78uAMAYa_oazKE&google_cver=1

Request Chain 221

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ2NjM3NDcxNTg5MzUzMjg3MA%3D%3D

Request Chain 234

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GBfC1R5q8jja6zPExhO4AeQkmRvYPz-Q6Yqqwovlhc3OF6u0sTu4fNC3flW2mQBSTCwGOCwueQ37mfyQZm2-xTnZhyLWP7w&google_gid=CAESENui5Ays_VH68Pwqb8j6dJY&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXIxekpBQUFCQWdzMTJvSg&google_push=ARnp8GBfC1R5q8jja6zPExhO4AeQkmRvYPz-Q6Yqqwovlhc3OF6u0sTu4fNC3flW2mQBSTCwGOCwueQ37mfyQZm2-xTnZhyLWP7w

Request Chain 236

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPEyKiIC-_EvOMBBG0BRQCU&google_cver=1&google_push=ARnp8GCbeM9DccMyO8a-F7ycGNvZNX3Tp3r0bKLvhNDGyF2gkkgGt_jrRJ8orMAKIOOjwlnLrb4gKq2OmNn0IL9akfGrRQIkFiGW HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPEyKiIC-_EvOMBBG0BRQCU&google_cver=1&google_push=ARnp8GCbeM9DccMyO8a-F7ycGNvZNX3Tp3r0bKLvhNDGyF2gkkgGt_jrRJ8orMAKIOOjwlnLrb4gKq2OmNn0IL9akfGrRQIkFiGW&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9UdDwewQSb6JP6wBoNtoPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCbeM9DccMyO8a-F7ycGNvZNX3Tp3r0bKLvhNDGyF2gkkgGt_jrRJ8orMAKIOOjwlnLrb4gKq2OmNn0IL9akfGrRQIkFiGW

Request Chain 237

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECExINWjOXZIerf8T5KDZRk&google_cver=1&google_push=ARnp8GCTaTLsJ4pqeD2BsNLCwCdBpv5-fJzR9p-apk95ZY7VKlZP7TVCtNxZN-081yf8_TdDe3URp9lTaaPZKRXEe9L-EhJalb4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUwVVBSTzgtMS1FMDk3&google_push=ARnp8GCTaTLsJ4pqeD2BsNLCwCdBpv5-fJzR9p-apk95ZY7VKlZP7TVCtNxZN-081yf8_TdDe3URp9lTaaPZKRXEe9L-EhJalb4

Request Chain 238

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELl3__V4GDKLMUKQNwXLNKM&google_cver=1&google_push=ARnp8GD-MZuU1RlpJBaf1r8jqsPk2LUDtee2nH9j5z5osaypHqaC9YGw96MWue2ZKYOHuz0OGznz2sPus34DGhEcDi8SpXeX4_8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELl3__V4GDKLMUKQNwXLNKM&google_hm=Yr1zJClV1LElFqjpreatSwAABI0AAAAB&google_nid=index&google_push=ARnp8GD-MZuU1RlpJBaf1r8jqsPk2LUDtee2nH9j5z5osaypHqaC9YGw96MWue2ZKYOHuz0OGznz2sPus34DGhEcDi8SpXeX4_8

Request Chain 279

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEME04EpZx5mJvMi1to62vdQ&google_cver=1&google_push=ARnp8GAqYIlj4ONqPPpZZudC-lGeQjs7uMbrdXDTBQSq-fPsAQdSia_gumVKuO5pjOounY6g-Fyzbu8jVSnk818GFY-XYoUqnmSG3w HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAqYIlj4ONqPPpZZudC-lGeQjs7uMbrdXDTBQSq-fPsAQdSia_gumVKuO5pjOounY6g-Fyzbu8jVSnk818GFY-XYoUqnmSG3w&google_hm=hvaUe4WnnMt7nWq5wSJhow

Request Chain 280

https://d.agkn.com/pixel/2175/?google_gid=CAESEO15Gf9_SendJ9tzfQO_DZM&google_cver=1&google_push=ARnp8GCFWTxOc3ZQk5aGMPVmARhH4OwEVAMKIjAFza70dxvPC836hRWReIXHhNdYz0KYu5JPc6YEM1Azy16oU_OVBtkFPobGZ1Yhhw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GCFWTxOc3ZQk5aGMPVmARhH4OwEVAMKIjAFza70dxvPC836hRWReIXHhNdYz0KYu5JPc6YEM1Azy16oU_OVBtkFPobGZ1Yhhw&google_hm=Q0FFU0VPMTVHZjlfU2VuZEo5dHpmUU9fRFpN

Request Chain 281

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDDPoJj2BEpVlUBbnwEG7aOlDJuurniBtFIZqGfpjlNb4CQVfALRTTSTN6H9i19Z2VryGM_y4-9d0ZcizMnXsTos4q77Yv3xg&google_gid=CAESEFepcD_CWtv-7hhtT5mhHl0&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDDPoJj2BEpVlUBbnwEG7aOlDJuurniBtFIZqGfpjlNb4CQVfALRTTSTN6H9i19Z2VryGM_y4-9d0ZcizMnXsTos4q77Yv3xg&google_gid=CAESEFepcD_CWtv-7hhtT5mhHl0&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MzAwOTU1NTAwMDA5MTUyMjMxNDY5OQ%3D%3D&google_push=ARnp8GDDPoJj2BEpVlUBbnwEG7aOlDJuurniBtFIZqGfpjlNb4CQVfALRTTSTN6H9i19Z2VryGM_y4-9d0ZcizMnXsTos4q77Yv3xg

Request Chain 283

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPEyKiIC-_EvOMBBG0BRQCU&google_cver=1&google_push=ARnp8GCbuEr6ATKBuAGTqbHJIIg2de1HHNuSGhKT0OL0iYPavFkxtBp-jVL8NEhpcef-oz9aKFVRxT35aA6MhcdbS9zwcc12fIvj2Q HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPEyKiIC-_EvOMBBG0BRQCU&google_cver=1&google_push=ARnp8GCbuEr6ATKBuAGTqbHJIIg2de1HHNuSGhKT0OL0iYPavFkxtBp-jVL8NEhpcef-oz9aKFVRxT35aA6MhcdbS9zwcc12fIvj2Q&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gbW9OuRFSBqKs4TRvB_w8Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCbuEr6ATKBuAGTqbHJIIg2de1HHNuSGhKT0OL0iYPavFkxtBp-jVL8NEhpcef-oz9aKFVRxT35aA6MhcdbS9zwcc12fIvj2Q

Request Chain 287

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 308

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJMHklOC23Y7faLc3oEMl0&google_cver=1

Request Chain 309

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yr1zJClV1LElFqjpreatSwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJMHklOC23Y7faLc3oEMl0&google_cver=1

Request Chain 310

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGtxOxCCUxgvGCRkENM9lhQ&google_cver=1

Request Chain 311

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ2NjM3NDcxNTg5MzUzMjg3MA%3D%3D

Request Chain 321

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEH3guZopSPS7iuyTovQvtvA&google_cver=1&google_push=ARnp8GAgFOnrjAVQ7ubf7bftBvkZzcO1vZWX395XiqLo64rLLWw2lH7OZ3AFoz1W4hMN1x2gC6kIsyLk8Nln3LmgBnjfkB0T4A_cwA HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAgFOnrjAVQ7ubf7bftBvkZzcO1vZWX395XiqLo64rLLWw2lH7OZ3AFoz1W4hMN1x2gC6kIsyLk8Nln3LmgBnjfkB0T4A_cwA&google_hm=hvaUe4WnnMt7nWq5wSJhow

Request Chain 322

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GAfw0SV7YP1wleQrI-w5GOFVI6zNbsAimZpzHW368JF1Jd8wz1Ww9qhd9IyWbKPFxVhXNGizEQxnERA4tZbkTmlZfuN_74mSw&google_gid=CAESELwfL8kFOrJ7k7Vmq5wXJPw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXIxekpnQUFCYm1BZlZ0Rg&google_push=ARnp8GAfw0SV7YP1wleQrI-w5GOFVI6zNbsAimZpzHW368JF1Jd8wz1Ww9qhd9IyWbKPFxVhXNGizEQxnERA4tZbkTmlZfuN_74mSw

Request Chain 323

https://d.agkn.com/pixel/2175/?google_gid=CAESEN0v6DBCYD8sTPqfLBr2Ffs&google_cver=1&google_push=ARnp8GDRWELspNILT8TPAnMda3AFCWez5NcMwJ93pM6YohOMbqd9Sya8nzOrqWWsux44ifwYdg_RlUPiBtebDAbozhqDLm8m5zxPaw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GDRWELspNILT8TPAnMda3AFCWez5NcMwJ93pM6YohOMbqd9Sya8nzOrqWWsux44ifwYdg_RlUPiBtebDAbozhqDLm8m5zxPaw&google_hm=Q0FFU0VOMHY2REJDWUQ4c1RQcWZMQnIyRmZz

Request Chain 325

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDj6McivPhXynBK8eozzzaI&google_cver=1&google_push=ARnp8GCqXCJ06pNsqe1oeVXrnrIMgEtb8nVwVn_7_yGRCsDm-F0vv-e2dnSbwauqBzT7sYVNdkiThAgOMebLofTTlLhoO1LUNiSU8g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9UdDwewQSb6JP6wBoNtoPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCqXCJ06pNsqe1oeVXrnrIMgEtb8nVwVn_7_yGRCsDm-F0vv-e2dnSbwauqBzT7sYVNdkiThAgOMebLofTTlLhoO1LUNiSU8g

Request Chain 326

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECvKbCyWzGwG34_msJjIWIk&google_cver=1&google_push=ARnp8GC71uS2JbfihROfHhB77vHGV0QJRXRkiV7jCNdIyb-drr70cx3ZUMQsFeCJQEpRaZJN9CPh2_LcLu2DslRo8nBbUlmOmOMChg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUwVVBUSk4tMjctNzlUTw==&google_push=ARnp8GC71uS2JbfihROfHhB77vHGV0QJRXRkiV7jCNdIyb-drr70cx3ZUMQsFeCJQEpRaZJN9CPh2_LcLu2DslRo8nBbUlmOmOMChg

Request Chain 346

https://pixel.adsafeprotected.com/rfw/st/999585/61793184/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=27619585&ias_pubId=pub-1862194061110379&ias_chanId=1&ias_placementId=17488356385&bidurl=https://orientaldaily.on.cc/content/%25E7%2594%25A2%25E7%25B6%2593/odn-20220630-0630_00202_035/%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hpz548vp1R9-mOKlRmjJU7 HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 351

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHFXX8if_pa4qG26vt9Ae0M&google_cver=1

Request Chain 353

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEMDVV3v1fDy8A933qEfXFVs&google_cver=1

Request Chain 363

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=332080882&d_campaign=27483059&d_bust=180956963&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=332080882&d_campaign=27483059&d_bust=180956963&gdpr=&gdpr_consent=

Request Chain 366

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAYvD8_sLR_TioQUz2_LBV4&google_cver=1&google_push=ARnp8GDFmUdHeLozXPvHP56jwPPb0E6X2lcGTTJj-Op0cP1HI96JWRw0Et8Wt09M1fFVlNnx4MIz7OYLFrwLihJPEgFgmRpSOxoevQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA2Njg1ODM4NTYzMDEwNjY5MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK0vPgN04MjX9HEbL7NfFZs&google_cver=1

Request Chain 367

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENVJ1vvR-y4CvOlReAEITR8&google_cver=1&google_push=ARnp8GCoAJcgecB0Mly3-oduZx50j7fbIZFCsZKq8rDKASte--_2DRU-psKF76qmKPBRa2x2BMmTpp_pvyLhzbx18qOrCzn1kvCZow HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENVJ1vvR-y4CvOlReAEITR8&google_push=ARnp8GCoAJcgecB0Mly3-oduZx50j7fbIZFCsZKq8rDKASte--_2DRU-psKF76qmKPBRa2x2BMmTpp_pvyLhzbx18qOrCzn1kvCZow

Request Chain 369

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEH9p0VFK0ubSTND931jfRCo&google_cver=1&google_push=ARnp8GB3hNTtYBElwGU1Bqv2puRC-9wJIVLGkioa2nGnrpbK71rLPkk3AGdTC9Auc4hqSfNnh_LWHv83meyM4pANUhOkzywP4GmP5w HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEH9p0VFK0ubSTND931jfRCo&google_cver=1&google_push=ARnp8GB3hNTtYBElwGU1Bqv2puRC-9wJIVLGkioa2nGnrpbK71rLPkk3AGdTC9Auc4hqSfNnh_LWHv83meyM4pANUhOkzywP4GmP5w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ARnp8GB3hNTtYBElwGU1Bqv2puRC-9wJIVLGkioa2nGnrpbK71rLPkk3AGdTC9Auc4hqSfNnh_LWHv83meyM4pANUhOkzywP4GmP5w&google_hm=hfVemkkjTtyc72dqKnvkgQ==

Request Chain 371

https://d5p.de17a.com/cookies/google?google_gid=CAESEMG5wiAG1c_zWGoxa8kEAvI&google_cver=1&google_push=ARnp8GBoTXYyBqjLwAZIY_KgrQqlqhXqBvT03zt4GPmZQgRFZ6c_2BPKcvasyKvIT7AahOxe_tI3V4bSydAwic1SU_4OqoNNd2DQ3g HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMG5wiAG1c_zWGoxa8kEAvI&google_cver=1&google_push=ARnp8GBoTXYyBqjLwAZIY_KgrQqlqhXqBvT03zt4GPmZQgRFZ6c_2BPKcvasyKvIT7AahOxe_tI3V4bSydAwic1SU_4OqoNNd2DQ3g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GBoTXYyBqjLwAZIY_KgrQqlqhXqBvT03zt4GPmZQgRFZ6c_2BPKcvasyKvIT7AahOxe_tI3V4bSydAwic1SU_4OqoNNd2DQ3g

Request Chain 372

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELl3__V4GDKLMUKQNwXLNKM&google_cver=1&google_push=ARnp8GCewjc5O9EW1dTBFXl1mv8mOwZOrUKslnloRXxr-exQKiRisHfP90MltjxXcaE7hUqKJK0Ty0j3p6YHohRAEfKyXPC9gk8OSg HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELl3__V4GDKLMUKQNwXLNKM&google_hm=Yr1zJClV1LElFqjpreatSwAABI0AAAAB&google_nid=index&google_push=ARnp8GCewjc5O9EW1dTBFXl1mv8mOwZOrUKslnloRXxr-exQKiRisHfP90MltjxXcaE7hUqKJK0Ty0j3p6YHohRAEfKyXPC9gk8OSg

388 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request %E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE Show response
orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/ 24 KB
6 KB 269ms
242ms Document
text/html 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 962f187c2e07072183a90cbb92b513e86821baad09eab1d87228745ca6d2f8a9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
cache-control: public, max-age=300, s-maxage=300, stale-if-error=86400, stale-while-revalidate=30
cf-cache-status: HIT
cf-ray: 7236071bb8319279-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Thu, 30 Jun 2022 09:55:42 GMT
etag: W/"01f19c23f711b76f34d607d2b0b0befcb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Accept-Encoding
x-application-context: application:live:9054
x-cacheable: L07
x-host: odnsearchdocker02
x-varnish: 93912411

GET
H2 200 bootstrap.min.css
orientaldaily.on.cc/css/v3/ 119 KB
20 KB 258ms
256ms Stylesheet
text/css 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/css/v3/bootstrap.min.css
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54ddf015f68354280bc4c8b459b66d8fa3ddaddbdf5de7a76d57b26c22d89776

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:42 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
x-varnish: 54309284 55190949
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 31 Jan 2020 03:29:24 GMT
server: cloudflare
etag: W/"1db17-59d672e16ed00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: text/css
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7236071d49de9279-FRA
expires: Thu, 30 Jun 2022 08:12:06 GMT

GET
H2 200 bootstrap-theme.min.css
orientaldaily.on.cc/css/v3/ 24 KB
3 KB 226ms
224ms Stylesheet
text/css 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/css/v3/bootstrap-theme.min.css
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a13295ffa73431bd92a7d3b657fe14eb139a711c435e50a55e919a39190ce112

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:42 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
x-varnish: 34495113
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 31 Jan 2020 03:29:24 GMT
server: cloudflare
etag: W/"5e3c-59d672e16ed00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: text/css
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7236071d49df9279-FRA
expires: Thu, 30 Jun 2022 08:12:09 GMT

GET
H2 200 odn-common.min.css
orientaldaily.on.cc/css/v3/ 33 KB
6 KB 239ms
238ms Stylesheet
text/css 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/css/v3/odn-common.min.css
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8b4e204fa4f21d50c68e41e6e77a807c1374c45c0c9548542b0c4d84dd31528

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:42 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
content-type: text/css
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Mar 2022 07:19:02 GMT
server: cloudflare
etag: W/"8580-5db42206ea580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 98425309 98101714
cache-control: public, max-age=120, s-maxage=3600
cf-ray: 7236071d49e09279-FRA
expires: Thu, 30 Jun 2022 09:12:12 GMT

GET
H2 200 menu.css
hk.on.cc/mobile/css/ 20 KB
4 KB 259ms
248ms Stylesheet
text/css 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hk.on.cc/mobile/css/menu.css
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4379e471eed46dfb112bc6c7aedbce4360a76d9e33ff2857c43373b8be346443

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:42 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Thu, 27 Jan 2022 02:01:06 GMT
server: cloudflare
x-cacheable: Y09
etag: W/"61f1fce2-519d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 609073711 620972349
content-type: text/css
cache-control: public, max-age=5, s-maxage=5
cf-ray: 7236071d59f29279-FRA

GET
H2 200 style.css
hk.on.cc/module/photoswipe/ 9 KB
2 KB 268ms
257ms Stylesheet
text/css 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hk.on.cc/module/photoswipe/style.css
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c3dbb2a992819fe0810a2bb5f48c5789b35daca410ac35c6cdd34bfb488cf00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:42 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 23 May 2017 07:32:56 GMT
server: cloudflare
x-cacheable: Y09
etag: W/"5923e5a8-25c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 702831810 690383015
content-type: text/css
cache-control: public, max-age=5, s-maxage=5
cf-ray: 7236071d59f19279-FRA

GET
H2 200 h5player.css
hk.on.cc/module/player/ 46 KB
8 KB 262ms
251ms Stylesheet
text/css 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hk.on.cc/module/player/h5player.css
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0350eaf35ccdb5e81fd6410f924aa857b491fce3bb1bc48e0935ad2b26a138e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:42 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 07:06:41 GMT
server: cloudflare
x-cacheable: Y09
etag: W/"610a3c81-b706"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1061697035 1061992908
content-type: text/css
cache-control: public, max-age=5, s-maxage=5
cf-ray: 7236071d59f49279-FRA

GET
H2 200 odn-preloadjs.min.js Show response
orientaldaily.on.cc/js/v3/ 1 KB
598 B 256ms
255ms Script
application/x-javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/odn-preloadjs.min.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863fed36a63359c178627fb9c1c55a6dae814afcb97df4c71ac785397f9e73a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:42 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
content-type: application/x-javascript
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Jul 2021 10:30:37 GMT
server: cloudflare
etag: W/"597-5c82c7a264d40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 105339959 106014128
cache-control: public, max-age=120, s-maxage=3600
cf-ray: 7236071d49e29279-FRA
expires: Thu, 30 Jun 2022 08:12:34 GMT

GET
H2 200 odn-preloadcss.min.js Show response
orientaldaily.on.cc/js/v3/ 123 B
258 B 250ms
249ms Script
application/x-javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/odn-preloadcss.min.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6258cf89e1f9160011d8e08cca525e7fd687610408410ceb2b25fbbb7e9b08ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:42 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
x-varnish: 46390056
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 26 May 2021 09:40:39 GMT
server: cloudflare
etag: W/"7b-5c3386f73d3c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7236071d49e49279-FRA
expires: Thu, 30 Jun 2022 08:42:10 GMT

GET
H2 200 odn_mobile_logo.png
orientaldaily.on.cc/img/v3/ 4 KB
4 KB 240ms
239ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/odn_mobile_logo.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5627922b3f1c49ed3d43cfb5699e1525ca7de0c6e6791aead848d3e495e268ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:42 GMT
cf-cache-status: HIT
x-cacheable: L07
content-type: image/png
content-length: 4198
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 27 May 2016 08:45:08 GMT
server: cloudflare
etag: "1066-533ceec856d00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 90079163 91148688
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7236071efbb99279-FRA
expires: Thu, 30 Jun 2022 08:12:24 GMT

GET
H2 200 odn_mobile_archive.png
orientaldaily.on.cc/img/v3/ 2 KB
2 KB 216ms
216ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/odn_mobile_archive.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd713d7980c21296da0a550b57782bb190e1677c630acaf0d10bb1ca0c25a4b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:43 GMT
cf-cache-status: HIT
x-cacheable: L07
content-type: image/png
content-length: 2064
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 27 May 2016 08:55:57 GMT
server: cloudflare
etag: "810-533cf13346140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 81281016 78133843
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 723607209ddb9279-FRA
expires: Thu, 30 Jun 2022 08:11:54 GMT

GET
H2 200 bt_today.png
orientaldaily.on.cc/img/v3/ 2 KB
2 KB 216ms
215ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/bt_today.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b1582fc9df76f0cab50cedaa2fbe5ec0a9cf52db13e4b98c36b6ee4694abb23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:43 GMT
cf-cache-status: HIT
x-cacheable: L07
content-type: image/png
content-length: 2332
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Oct 2020 09:23:51 GMT
server: cloudflare
etag: "91c-5b19e16eaf7c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 27259902 28649888
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 723607209de59279-FRA
expires: Thu, 30 Jun 2022 08:12:21 GMT

GET
H2 200 Bt_calendar.png
orientaldaily.on.cc/img/v3/ 3 KB
3 KB 216ms
215ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/Bt_calendar.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb8eba1460c995cb48cfbbbdd9f304a41a53320d9bfa6ce9ad0fa841b81b5e76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:43 GMT
cf-cache-status: HIT
x-cacheable: L08
content-type: image/png
content-length: 2625
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Oct 2020 10:12:48 GMT
server: cloudflare
etag: "a41-5b19ec5fa0800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 41612453
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7236072258b39279-FRA
expires: Thu, 30 Jun 2022 08:55:27 GMT

GET
H2 200 ireport.png
orientaldaily.on.cc/img/v3/ 5 KB
5 KB 782ms
779ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ireport.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f4fb07db356f024984914d8364135ac3b56af2a009bdcd335fc6483db4931af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: HIT
x-cacheable: L08
content-type: image/png
content-length: 4627
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 20 Mar 2020 09:39:27 GMT
server: cloudflare
etag: "1213-5a1460fb731c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 48475244
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7236072a6a109279-FRA
expires: Thu, 30 Jun 2022 08:42:14 GMT

GET
H2 200 oncc_icon.png
orientaldaily.on.cc/img/v3/ 2 KB
2 KB 225ms
222ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/oncc_icon.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79bb7f32bfdac68dae7fe9cb02ee43aeb9e89027cd0c7c06b12660bf95bd6beb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L07
content-type: image/png
content-length: 1717
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 08 Oct 2021 02:55:36 GMT
server: cloudflare
etag: "6b5-5cdce83751a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 87459073 96354818
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7236072a6a119279-FRA
expires: Thu, 30 Jun 2022 08:12:18 GMT

GET
H2 200 calendar.png
orientaldaily.on.cc/img/v3/ 1 KB
1 KB 236ms
233ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/calendar.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 350b869264924592f82e55d98feaf44ec0dfb85fd76f798503e8c2bc6eb98517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L07
content-type: image/png
content-length: 1192
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 20 Mar 2020 10:45:35 GMT
server: cloudflare
etag: "4a8-5a146fc3a11c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 87465168 97116471
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7236072a6a129279-FRA
expires: Thu, 30 Jun 2022 09:12:07 GMT

GET
H2 200 0630-00202-035b1.jpg
orientaldaily.on.cc/asset/finance/20220630/photo/ 134 KB
134 KB 218ms
216ms Image
image/jpeg 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/asset/finance/20220630/photo/0630-00202-035b1.jpg
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80b527303614f3950afc1b442881a714307f13c4fe82abafb71e68d33172d6a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L07
content-type: image/jpeg
content-length: 136845
x-varnish: 95565484 94756605
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 29 Jun 2022 16:23:34 GMT
server: cloudflare
etag: "2168d-5e2989313ad80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
expires: Thu, 30 Jun 2022 09:42:11 GMT
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7236072a6a139279-FRA
cf-bgj: h2pri

GET
H2 200 0630-00202-035s1.jpg
orientaldaily.on.cc/asset/finance/20220630/photo/ 97 KB
97 KB 248ms
246ms Image
image/jpeg 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/asset/finance/20220630/photo/0630-00202-035s1.jpg
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1589f2f09497ced0462a32268a796f287a5ab893ce213a8fbf39b233d2fbeb59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L07
content-type: image/jpeg
content-length: 99025
x-varnish: 77659749
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 29 Jun 2022 16:23:35 GMT
server: cloudflare
etag: "182d1-5e2989322efc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
expires: Thu, 30 Jun 2022 08:12:59 GMT
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7236072a6a149279-FRA
cf-bgj: h2pri

GET
H2 200 ireport_icon.png
orientaldaily.on.cc/img/v3/ 19 KB
20 KB 267ms
265ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ireport_icon.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99dc0044cfebc1a8906fb5a71be5f41917615a0815955dede34d9406cd6fe053

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L08
content-type: image/png
content-length: 19905
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 10 Feb 2020 07:47:14 GMT
server: cloudflare
etag: "4dc1-59e33f2962480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 113678081 113777583
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7236072a6a159279-FRA
expires: Thu, 30 Jun 2022 08:11:49 GMT

GET
H2 200 web_accessibility_logo.png
orientaldaily.on.cc/img/v3/ 12 KB
13 KB 223ms
221ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/web_accessibility_logo.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4d14f2c2dc606d17733d321dfbe8b722073a5d64b3cc9b107c09e2a5d263e3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L08
content-type: image/png
content-length: 12740
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 May 2015 10:19:04 GMT
server: cloudflare
etag: "31c4-516a8fd53d600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 252259283
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7236072a6a179279-FRA
expires: Thu, 30 Jun 2022 08:12:21 GMT

GET
H2 200 require.js Show response
orientaldaily.on.cc/js/v3/lib/ 17 KB
7 KB 211ms
211ms Script
application/x-javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ca49b7de8f5e006ba5eb976937a3f9fb96b05ebfbb11d685c0b21ead94aacaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:42 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
content-type: application/x-javascript
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 10:17:21 GMT
server: cloudflare
etag: W/"45a7-5a85914f96e40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 105718601
cache-control: public, max-age=120, s-maxage=3600
cf-ray: 7236071eebaf9279-FRA
expires: Thu, 30 Jun 2022 08:12:53 GMT

GET
H2 200 serverTime.js Show response
on.cc/js/ 35 B
152 B 266ms
256ms Script
application/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/js/serverTime.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-preloadjs.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1043a461b2a3b48eb457124b0d7918f2de00e78f4242fbe261e778177732e9fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:42 GMT
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7236071f0bd99279-FRA
x-host: WL24
content-length: 35
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 09:55:36 GMT
server: cloudflare
etag: "62bd7318-23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 100206861 99339386
cache-control: public, max-age=5, s-maxage=5
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 jquery.js Show response
orientaldaily.on.cc/js/v3/lib/ 87 KB
31 KB 245ms
243ms Script
application/x-javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/jquery.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-preloadjs.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:42 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
x-varnish: 47296256
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Jul 2020 02:54:11 GMT
server: cloudflare
etag: W/"15d83-5aa49ce1e9ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7236071efbc09279-FRA
expires: Thu, 30 Jun 2022 08:12:03 GMT

GET
H2 200 unicorp_v4.js Show response
on.cc/adv/web/corp/source/ 59 KB
14 KB 235ms
226ms Script
application/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/source/unicorp_v4.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-preloadjs.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1f67310a50c4720ca438927ad499f0eb5adf421b8106f950d4b4a3d4a7575ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:42 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7236071f0bd69279-FRA
x-host: WL24
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 27 Jan 2022 01:52:16 GMT
server: cloudflare
etag: W/"61f1fad0-ecaf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 15857940 17794467
cache-control: public, max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 odn-common.min.js Show response
orientaldaily.on.cc/js/v3/ 44 KB
13 KB 234ms
232ms Script
application/x-javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/odn-common.min.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-preloadjs.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eed02bbf05669a57c9fa23730f523ae85f4331eb7229d0b1eb7b047bec7cc00b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:42 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
x-varnish: 13554222
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 04:48:29 GMT
server: cloudflare
etag: W/"aed0-5e2162a37a140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7236071efbc39279-FRA
expires: Thu, 30 Jun 2022 08:56:48 GMT

GET
H2 200 odn-banner.min.js Show response
orientaldaily.on.cc/js/v3/ 5 KB
2 KB 259ms
257ms Script
application/x-javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/odn-banner.min.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-preloadjs.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 870afcb46786b2bb14b4513b1fcd75be5b9566019065b696eac3857328c51e1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:42 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
x-varnish: 55219632
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 02:57:26 GMT
server: cloudflare
etag: W/"13f7-5e2149d125180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7236071efbc49279-FRA
expires: Thu, 30 Jun 2022 08:12:06 GMT

GET
H2 200 hls.js Show response
hk.on.cc/module/player/ 235 KB
71 KB 238ms
237ms Script
application/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hk.on.cc/module/player/hls.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-preloadjs.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b7a5a4cc369fbf887fc098793578f308d0b3e1f51c6fdb5765e5b433e1dfc89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:42 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: Y09
cf-ray: 7236071efbc69279-FRA
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Mar 2021 03:57:55 GMT
server: cloudflare
etag: W/"60596743-3ab62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 688354640 690652136
access-control-allow-origin: *
cache-control: public, max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 ads.js Show response
www.google.com/adsense/search/ 140 KB
51 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/search/ads.js

Requested by

Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-preloadjs.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6608bbd6ce1b8e7f4bf9006a30130f26ae6bf301cc878a08bccbf02b68e1396a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 30 Jun 2022 09:55:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "843481196560489412"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Thu, 30 Jun 2022 09:55:42 GMT

GET
H2 200 unicorp_lang.js Show response
on.cc/adv/web/corp/source/ 86 KB
19 KB 236ms
236ms Script
application/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/source/unicorp_lang.js
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f67d90d957dd4ee4d98b2aa84d917c435702010342d449a1bdc7fe3b7e1e4c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:43 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
cf-ray: 72360720ce139279-FRA
x-host: WL25
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Apr 2020 07:45:39 GMT
server: cloudflare
etag: W/"5e9d5323-1582f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 146718249 150206437
cache-control: max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 yahoo_keywords.js Show response
on.cc/adv/web/corp/js/ 4 KB
750 B 229ms
227ms Script
application/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/js/yahoo_keywords.js
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79c369802018b75882ec40d4896c33c99ff78227d8ccce93357fc8167b32d386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7236072a6a189279-FRA
x-host: WL24
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Mar 2011 04:11:26 GMT
server: cloudflare
etag: W/"4d76fdee-1198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 189868259 189331228
cache-control: public, max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 unicorp_disclaimer.js Show response
on.cc/adv/web/corp/source/ 4 KB
1 KB 227ms
225ms Script
application/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/source/unicorp_disclaimer.js
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 112aba6073ee49f1843f50fb5239e2d7c8a004325b50bd7f93ab093cb6b72e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7236072a6a199279-FRA
x-host: WL24
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 31 Aug 2021 06:55:25 GMT
server: cloudflare
etag: W/"612dd25d-f2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 2457609 65542
cache-control: public, max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 weather_info.js Show response
on.cc/adv/web/corp/js/ 3 KB
1 KB 259ms
258ms Script
application/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/js/weather_info.js
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ead571f2d6207d7aebd79e1f17ece3126edc853e83573fc1f74e14eeea4beb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:43 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 72360720ce149279-FRA
x-host: WL24
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 09:50:04 GMT
server: cloudflare
etag: W/"62bd71cc-cc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 98811418 99490594
cache-control: public, max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 unicorp_v4.css
on.cc/adv/web/corp/source/ 7 KB
2 KB 240ms
240ms Stylesheet
text/css 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/source/unicorp_v4.css?v=31
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cdfc421265602e0a9c952b7c9e7ee8f58cfbdfb27b0d3649b818ecbb24f8908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:43 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
cf-ray: 72360720ce159279-FRA
x-host: WL25
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 27 May 2020 01:59:01 GMT
server: cloudflare
etag: W/"5ecdc965-1de5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 19258160 25346386
cache-control: public, max-age=30, s-maxage=300
content-type: text/css

GET
H2 200 unicorp_v4_hk.css
on.cc/adv/web/corp/source/ 12 KB
2 KB 286ms
285ms Stylesheet
text/css 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b85ec12235a456ead5b2370041070fb6cecad1f6db376c484b15f68e0b98b7e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:43 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 72360720ce179279-FRA
x-host: WL24
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 27 Jan 2022 01:52:16 GMT
server: cloudflare
etag: W/"61f1fad0-3183"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 41044300 40880279
cache-control: public, max-age=30, s-maxage=300
content-type: text/css

GET
H2 200 checkrev.gif
home.on.cc/adv/web/corp/img/ 43 B
201 B 48ms
37ms Image
image/gif 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.on.cc/adv/web/corp/img/checkrev.gif
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 14215
cf-ray: 7236072a7a269279-FRA
x-host: WL25
content-length: 43
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Oct 2008 03:57:30 GMT
server: cloudflare
etag: "48fc01aa-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 22704921 11391253
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/gif

GET
H2 200 pubdate.js Show response
orientaldaily.on.cc/asset/js/ 24 B
301 B 225ms
225ms XHR
application/json 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/asset/js/pubdate.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a5961396357e863a967803cce166fd3954275ccee1be16f7c75077414216918

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:43 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
cf-ray: 7236072258bb9279-FRA
x-host: odnsearchdocker01
x-application-context: application:live:9054
referrer-policy: no-referrer-when-downgrade
server: cloudflare
etag: W/"0744a855bd23b3c6cc61fdabff7989eed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 85841249 88805766
access-control-allow-origin: *
cache-control: public, max-age=300, s-maxage=300, stale-if-error=86400, stale-while-revalidate=30
content-type: application/json;charset=UTF-8
access-control-allow-headers: Content-Type

GET
H2 200 hiddenSection.js Show response
orientaldaily.on.cc/asset/js/20220630/ 236 B
285 B 217ms
217ms XHR
application/json 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/asset/js/20220630/hiddenSection.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 975765c0fef1b080e3a7137df342f265d483f8c7927b8e10b923b92ebfa71378

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:43 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 72360723ca3d9279-FRA
x-host: odnsearchdocker02
x-application-context: application:live:9054
referrer-policy: no-referrer-when-downgrade
server: cloudflare
etag: W/"03a260a3520d7cf6267d4154213fadf30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 82943014 82389867
access-control-allow-origin: *
cache-control: public, max-age=300, s-maxage=300, stale-if-error=86400, stale-while-revalidate=30
content-type: application/json;charset=utf-8
access-control-allow-headers: Content-Type

GET
H2 204 rta.js Show response
rtax.criteo.com/delivery/rta/ 0
84 B 272ms
15ms Script
text/plain 178.250.0.166
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtax.criteo.com/delivery/rta/rta.js?netId=3124&cookieName=crtg_oncchk_rta&rnd=95074271529&varName=crtg_oncchk_content

Requested by

Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-banner.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.166 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
strict-transport-security: max-age=31536000; preload;
server: nginx/1.20.1

GET
H2 200 adultlist.txt Show response
orientaldaily.on.cc/data/ 578 B
336 B 826ms
825ms XHR
text/plain 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/data/adultlist.txt
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1bf5e901abfea769b7f81433070c2a4ea7f261d2726c4f6c078429604f7c843

Request headers

Accept: */*
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
content-type: text/plain
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 02:38:52 GMT
server: cloudflare
etag: W/"242-5e2145aac0700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 88569431 90458667
cache-control: public, max-age=120, s-maxage=3600
cf-ray: 723607252bc69279-FRA
expires: Thu, 30 Jun 2022 08:40:34 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
56 KB 64ms
38ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-banner.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7549534209a328ff6b836b1e62991c2ed7d6f884e9e103bb30b67af8ffc533d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56358
x-xss-protection: 0
server: cafe
etag: 277096011671154067
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 09:55:44 GMT

GET
H2 200 odn-content.min.css
orientaldaily.on.cc/css/v3/ 12 KB
2 KB 250ms
247ms Stylesheet
text/css 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d82509736b98cf5d93d49f053ced5702fd9ca35deb0d590aa2d3a52e176eab22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
x-varnish: 84357939
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 02 Aug 2021 04:38:40 GMT
server: cloudflare
etag: W/"2e67-5c88c24af5400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: text/css
cache-control: public, max-age=120, s-maxage=3600
cf-ray: 7236072a6a0d9279-FRA
expires: Thu, 30 Jun 2022 08:34:47 GMT

GET
H2 200 ajs.php Show response
ad4.on.cc/web/www/delivery/ 3 KB
1 KB 271ms
262ms Script
text/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=705&adScreenW=1600
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-banner.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c362386195dbb7a2414aacaff230ea52e537dac0ff9914cc052809f6a00228b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Jun 2022 09:55:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
cf-ray: 7236072a7a259279-FRA
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ic_arrow_hkhk_off.gif
on.cc/img/v2/ 1 KB
1 KB 24ms
21ms Image
image/gif 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/img/v2/ic_arrow_hkhk_off.gif
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b4a8698e5c880ff6090a1c0cd2558e42b26c5a1bdf6cb08b9d8f2d78077fdd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 4641
cf-ray: 7236072a8a3f9279-FRA
x-host: WL24
content-length: 1172
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 03 Nov 2013 03:59:55 GMT
server: cloudflare
etag: "5275ca3b-494"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69371410 69110807
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/gif

GET
H2 200 web_menu_m18.png
on.cc/adv/web/corp/img/ 3 KB
3 KB 22ms
18ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_menu_m18.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10a1c3546508a4f60041203cd2de027ba35189ccac7bcc4701c98ac6595bc434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 1980
cf-ray: 7236072a8a439279-FRA
x-host: WL24
content-length: 2799
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-aef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 68208771 68208645
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_menu_m18_over.png
on.cc/adv/web/corp/img/ 3 KB
3 KB 236ms
233ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_menu_m18_over.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b75455f6bc681b8ccf92a51442f1ac2c91fbfe1c813837a9650e975b3456913

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L08
cf-ray: 7236072a8a459279-FRA
x-host: WL25
content-length: 2832
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-b10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 66482354 53043633
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_ball_off.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 39ms
35ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_ball_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2139db140b042be2a5bafd65fa757f0eb3cf3e0f97c6a8eec957052530b03d77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 1980
cf-ray: 7236072a8a469279-FRA
x-host: WL25
content-length: 2168
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-878"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 42653807 68077413
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_ball_over.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 21ms
21ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_ball_over.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eef61507e5ba153c053a683aefc1e14a84044b401e846c5736572094dd2fe5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 4640
cf-ray: 7236072aaa6a9279-FRA
x-host: WL25
content-length: 2175
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-87f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 57990337 53043638
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_ball_off_sc.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 769ms
768ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_ball_off_sc.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5587ca41f509ea115a518336f6ac6e376379a25fda215b58c4921f84040f0f39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7236072aba789279-FRA
x-host: WL24
content-length: 2124
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-84c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 68184799 69048441
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_ball_over_sc.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 237ms
237ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_ball_over_sc.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9de0c8978e69302a3aa776ff407769b18f57ffa7d8122c2da9ef747f93cd43cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7236072aca9e9279-FRA
x-host: WL24
content-length: 2138
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-85a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69048549 68208660
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_horse_off.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 221ms
220ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_horse_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deebccefdbb9e3846fb52bdeb875696fa33b4fcafb00d83ac8f89631084df26b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7236072acaa89279-FRA
x-host: WL24
content-length: 1953
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-7a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69371418 68246272
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_horse_over.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 223ms
223ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_horse_over.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e26801b344d9fb191aa53ea743d2d8b5f4888cebac66ce1128f63078aa53f750

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7236072bdc069279-FRA
x-host: WL24
content-length: 1952
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-7a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 68246468 69048425
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_horse_off_sc.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 219ms
219ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_horse_off_sc.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9c56677f5e4bf4db2d10b3e4251337f9c954733c8b35b24f6861cf634ae42a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7236072bdc0c9279-FRA
x-host: WL24
content-length: 1856
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69371403 68208648
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_horse_over_sc.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 234ms
234ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_horse_over_sc.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9613f7645c91aacd5d5027d72140f3ffcb148eb265aeee3b529303e28f8bd03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7236072c0c429279-FRA
x-host: WL24
content-length: 1861
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-745"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 15300205 69402819
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_net_off.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 241ms
241ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_net_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce61748ce893b3ec7b81cd022f4a9ed673ab4c118f5cff9a4c72a2160d04b496

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L08
cf-ray: 7236072c3c729279-FRA
x-host: WL25
content-length: 2343
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-927"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 57990362
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 web_net_over.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 42ms
42ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/web_net_over.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 176b6e30b48ace76fce19e261ac688bde72e2defab631d9c2fafea242c559714

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 4638
cf-ray: 7236072c4c889279-FRA
x-host: WL24
content-length: 2352
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-930"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 68246457 68208642
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 logo_TC_on.gif
on.cc/adv/web/corp/img/ 12 KB
12 KB 230ms
230ms Image
image/gif 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/logo_TC_on.gif
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5124d27328c2f5c4b2a560fe2ad40a2ece04ed9f465f354fa35b741c124fd466

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L08
cf-ray: 7236072cbd219279-FRA
x-host: WL25
content-length: 11875
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Nov 2020 04:52:01 GMT
server: cloudflare
etag: "5fa8caf1-2e63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 68268290
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/gif

GET
H2 200 logo_SC_on.gif
on.cc/adv/web/corp/img/ 12 KB
12 KB 225ms
223ms Image
image/gif 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/logo_SC_on.gif
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a12c17ab23790461e677329f9dac5efb0ce19a38fcece15f785ff7f42423cc26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: HIT
x-cacheable: L08
cf-ray: 7236072d3ddd9279-FRA
x-host: WL25
content-length: 11974
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Nov 2020 04:52:00 GMT
server: cloudflare
etag: "5fa8caf0-2ec6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 42653801
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/gif

GET
H2 200 logo_TC_off.png
on.cc/adv/web/corp/img/ 28 KB
28 KB 232ms
231ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/logo_TC_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2ba400a3542c7f986dd240f2def70cc8d021912a6376e6da574c28630a67b3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7236072d3ddf9279-FRA
x-host: WL24
content-length: 28481
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Nov 2020 04:51:59 GMT
server: cloudflare
etag: "5fa8caef-6f41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69402961 68184620
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 logo_SC_off.png
on.cc/adv/web/corp/img/ 27 KB
27 KB 234ms
234ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/logo_SC_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1de66009eea3c9f435d5bea771a3717b0c9dc7abc9418e9357442c1afec63117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7236072d7e4e9279-FRA
x-host: WL24
content-length: 27615
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Nov 2020 04:52:05 GMT
server: cloudflare
etag: "5fa8caf5-6bdf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69110892 69210483
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 logo_net_off.png
on.cc/adv/web/corp/img/ 3 KB
3 KB 244ms
244ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/logo_net_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ab6ed9795e2f7e4f657148a92d36798a27dd29ab2d4e992fbce352de9a2e42b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7236072dbe959279-FRA
x-host: WL24
content-length: 3057
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-bf1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 68149827 68246285
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 logo_net_on.png
on.cc/adv/web/corp/img/ 4 KB
4 KB 211ms
211ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/logo_net_on.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2120ebbbe270d6417b8d272c6450d10ef0d94235287b3eb2e2c8a52de73cb17e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7236072e2f589279-FRA
x-host: WL24
content-length: 4259
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Feb 2021 03:35:56 GMT
server: cloudflare
etag: "6018c89c-10a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 15300209 68208639
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 net_icon_off.png
on.cc/adv/web/corp/img/ 4 KB
4 KB 767ms
767ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/net_icon_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e91e1f5f9ab1b71b71686baf06d7a1661f89786df2019f315b2d3b8d1186f61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7236072e9ffa9279-FRA
x-host: WL24
content-length: 3802
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jun 2020 06:39:24 GMT
server: cloudflare
etag: "5ed9e89c-eda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 68184812 68208653
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 net_icon_on.png
on.cc/adv/web/corp/img/ 3 KB
3 KB 22ms
22ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/net_icon_on.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2c044e8e8af87330e2c1c28479713e3107e8b9fe79b3a881bcb247902531db1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 4637
cf-ray: 7236072ea81b9279-FRA
x-host: WL25
content-length: 3377
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jun 2020 06:39:24 GMT
server: cloudflare
etag: "5ed9e89c-d31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 67979549
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 test_off.png
on.cc/adv/web/corp/img/ 1 KB
1 KB 208ms
208ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/test_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af2d583999658b96ba5bc7d5cf834ca654a8930d5937c8f4830ee9c7e6fac5ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7236072ed8409279-FRA
x-host: WL24
content-length: 1421
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Mar 2020 01:47:55 GMT
server: cloudflare
etag: "5e6ae64b-58d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69048569 69371221
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 test_on.png
on.cc/adv/web/corp/img/ 1 KB
1 KB 225ms
224ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/test_on.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc5e0245a9f89d144afabfb55c88f190a4153ad8c3baa67e340a2a7715a64940

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7236072ef86c9279-FRA
x-host: WL24
content-length: 1370
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Mar 2020 01:47:55 GMT
server: cloudflare
etag: "5e6ae64b-55a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 68246439 68536651
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 dot_off.png
on.cc/adv/web/corp/img/ 1 KB
1 KB 214ms
214ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/dot_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c660dec6cd5e8f9e0b3c518da51439c7a47a1b28da85193926a06b005f0905b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: HIT
x-cacheable: L08
cf-ray: 7236072f38b49279-FRA
x-host: WL25
content-length: 1029
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Mar 2020 01:47:55 GMT
server: cloudflare
etag: "5e6ae64b-405"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 68620636
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 dot_on.png
on.cc/adv/web/corp/img/ 1 KB
1 KB 27ms
27ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/dot_on.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45f029b0dec12e864c693266265b33e968158edb8ae5761c09013c8069544c2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 4635
cf-ray: 7236072f78fe9279-FRA
x-host: WL24
content-length: 1025
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Mar 2020 01:47:55 GMT
server: cloudflare
etag: "5e6ae64b-401"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69338146 69402845
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 health_off.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 215ms
215ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/health_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b5514e397dfa4b681f07408e843b186c8e40f0c429e6b956154ac2c385aac34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7236072f79009279-FRA
x-host: WL24
content-length: 1546
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Mar 2020 01:51:35 GMT
server: cloudflare
etag: "5e6ae727-60a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69402946 69402825
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 health_on.png
on.cc/adv/web/corp/img/ 1 KB
2 KB 20ms
20ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/health_on.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e32b017a5bc36cfd7104924ee59da3e015206b7be6132b36f5951b0e7775c4c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 1979
cf-ray: 7236072fa9379279-FRA
x-host: WL24
content-length: 1455
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Mar 2020 01:51:35 GMT
server: cloudflare
etag: "5e6ae727-5af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 68184791 68246296
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 sport_off.png
on.cc/adv/web/corp/img/ 2 KB
2 KB 23ms
23ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/sport_off.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48deef5a4537b8c2d3bbc1c4cf8b5133ec55fade9fb3ab81bbe36bb4f7cc3f73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 1979
cf-ray: 7236072fc96c9279-FRA
x-host: WL24
content-length: 1608
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Mar 2020 01:51:36 GMT
server: cloudflare
etag: "5e6ae728-648"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69110894 69402839
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 sport_on.png
on.cc/adv/web/corp/img/ 1 KB
2 KB 217ms
217ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/sport_on.png
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f6a761102c6ab539f8c8886b76f6c4f92a49955a4bc5fec019a0e741638cac3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7236072ff9909279-FRA
x-host: WL24
content-length: 1497
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Mar 2020 01:51:36 GMT
server: cloudflare
etag: "5e6ae728-5d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 15300203 69110810
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/ Frame 1BB7 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 15:39:02 GMT
etag: 10429905676100781186
expires: Wed, 13 Jul 2022 15:39:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 unicorp_disclaimer.css
hk.on.cc/adv/web/corp/source/ 1 KB
731 B 27ms
26ms Stylesheet
text/css 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hk.on.cc/adv/web/corp/source/unicorp_disclaimer.css
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_disclaimer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89c5d02602316b77d7d50cb7b8a168c10d707994d6f2aba75788365896bf5ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: Y10
age: 5668
cf-ray: 7236072bdc0a9279-FRA
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Aug 2018 06:48:01 GMT
server: cloudflare
etag: W/"5b67ef21-5ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 60058182
cache-control: public, max-age=1800, s-maxage=14400
content-type: text/css

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 49ms
21ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=705&adScreenW=1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

sffe /

Resource Hash

35019316f13954f4258a8b048c51ae4cbc126bd15b26c3707aaef60debd9cc1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28075
x-xss-protection: 0
server: sffe
etag: "1259 / 831 of 1000 / last-modified: 1656578599"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Jun 2022 09:55:44 GMT

GET
H2 200 lg.php
ad4.on.cc/web/www/delivery/ 43 B
262 B 214ms
213ms Image
image/gif 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4.on.cc/web/www/delivery/lg.php?bannerid=6758&campaignid=368&zoneid=705&loc=1&referer=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&cb=ba54dd6ae5
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
pragma: no-cache
last-modified: Thu, 30 Jun 2022 09:55:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
accept-ranges: bytes
cf-ray: 7236072c1c5d9279-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
orientaldaily.on.cc/css/fonts/ 18 KB
18 KB 231ms
231ms Font
application/octet-stream 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/css/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/bootstrap.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer: https://orientaldaily.on.cc/css/v3/bootstrap.min.css
Origin: https://orientaldaily.on.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
x-varnish: 53960042 54376871
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 31 Jan 2020 03:29:24 GMT
server: cloudflare
etag: W/"466c-59d672e16ed00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: text/plain
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7236072c2c699279-FRA
expires: Thu, 30 Jun 2022 08:11:25 GMT

GET
H2 200 pic63.jpg
on.cc/adv/web/corp/img/ 578 B
738 B 31ms
31ms Image
image/jpeg 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/pic63.jpg
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc48b7c9856fd04e9b657943d039fa00c9171fb2fed4e70f2fb0a0f9d8d5140d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 6065
cf-ray: 7236072c7cc79279-FRA
x-host: WL25
content-length: 578
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 17 Oct 2008 03:36:37 GMT
server: cloudflare
etag: "48f80845-242"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 87920225
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 tc1.jpg
on.cc/adv/web/corp/img/ 517 B
673 B 20ms
19ms Image
image/jpeg 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/tc1.jpg
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d396a425aff7d36f065e55309236b089969a477738f1540f948df56853fe2127

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 6065
cf-ray: 7236072c7cc59279-FRA
x-host: WL24
content-length: 517
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 17 Oct 2008 03:43:31 GMT
server: cloudflare
etag: "48f809e3-205"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 55857805
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 ts.jpg
on.cc/adv/web/corp/img/ 635 B
854 B 32ms
31ms Image
image/jpeg 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/ts.jpg
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ded3b5fe5012c95cf55fce4d674274ec122c901a802db7371c89d1cb5179d97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 6065
cf-ray: 7236072c7cc49279-FRA
x-host: WL24
content-length: 635
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 17 Oct 2008 03:43:32 GMT
server: cloudflare
etag: "48f809e4-27b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69110896 68184612
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 oncc_deg.gif
on.cc/adv/web/corp/img/ 1 KB
1 KB 45ms
44ms Image
image/gif 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://on.cc/adv/web/corp/img/oncc_deg.gif
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28b04b730ec93a432ace59ed70723ac53e3883f180bf8414f22b2fff89cda6a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L07
age: 4640
cf-ray: 7236072c7cc39279-FRA
x-host: WL24
content-length: 1185
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Nov 2013 04:50:21 GMT
server: cloudflare
etag: "5273330d-4a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 69048585 69402814
cache-control: public, max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/gif

GET
H2 200 logo_odn.png
orientaldaily.on.cc/img/v3/ 855 B
1 KB 827ms
827ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/logo_odn.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 798140180b673a00fd9685b6979fc85b9108be61c481ee8ab50e8de4f2ae7b34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: HIT
x-cacheable: L08
content-type: image/png
content-length: 855
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Feb 2010 08:10:19 GMT
server: cloudflare
etag: "357-48040149df0c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 107694812 76656121
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7236072c4c8f9279-FRA
expires: Thu, 30 Jun 2022 08:12:18 GMT

GET
H2 200 ajs.php Show response
ad4.on.cc/web/www/delivery/ 6 KB
2 KB 252ms
251ms Script
text/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=1105&adScreenW=1600
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-banner.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98239200c8b0095ac21bc94b52976325a0634c733e055d16366765acb8bb755a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Jun 2022 09:55:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
cf-ray: 7236072c4c919279-FRA
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ic_facebook_32.png
orientaldaily.on.cc/img/v3/ 4 KB
4 KB 234ms
232ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ic_facebook_32.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21751a2ef69707d95d710a599058bd1ad09a1ee89f84512e5f2291b2b94217db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-content.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L07
content-type: image/png
content-length: 4397
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Jul 2021 11:23:54 GMT
server: cloudflare
etag: "112d-5c65e8a5b0680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 97866556
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7236072c5c949279-FRA
expires: Thu, 30 Jun 2022 09:12:40 GMT

GET
H2 200 ic_twitter_32.png
orientaldaily.on.cc/img/v3/ 4 KB
4 KB 243ms
241ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ic_twitter_32.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a8c71c4cc7d5565e31fad7dc51eca8c09b8b737ba544f30372411d98a3edba6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-content.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L08
content-type: image/png
content-length: 3818
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Jul 2021 11:24:07 GMT
server: cloudflare
etag: "eea-5c65e8b2163c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 205112802 204832158
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7236072c5c959279-FRA
expires: Thu, 30 Jun 2022 08:12:03 GMT

GET
H2 200 ic_telegram_32.png
orientaldaily.on.cc/img/v3/ 5 KB
5 KB 231ms
229ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ic_telegram_32.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a7c4424e5cb5c21be591baaf6203d2cdf6a50b582dfb077b2cc42d345aa6177

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-content.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L07
content-type: image/png
content-length: 4694
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Jul 2021 11:24:13 GMT
server: cloudflare
etag: "1256-5c65e8b7cf140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 174446623
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7236072c5c979279-FRA
expires: Thu, 30 Jun 2022 08:11:53 GMT

GET
H2 200 ic_whatapp_32.png
orientaldaily.on.cc/img/v3/ 5 KB
5 KB 224ms
223ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ic_whatapp_32.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b5d4b4b81b4c4c46f266dde325b84e7856fc9dd0bf2e35332edb831ac7afa7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-content.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L07
content-type: image/png
content-length: 5442
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Jul 2021 11:24:20 GMT
server: cloudflare
etag: "1542-5c65e8be7c100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 177058503 165039604
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7236072c5c989279-FRA
expires: Thu, 30 Jun 2022 09:12:22 GMT

GET
H2 200 ic_print_32.png
orientaldaily.on.cc/img/v3/ 4 KB
4 KB 229ms
228ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ic_print_32.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed3376d25fca09028fe41665e52559bb88177ac13dfbbeac9dd28716bc0df000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-content.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L08
content-type: image/png
content-length: 4419
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Jul 2021 11:23:47 GMT
server: cloudflare
etag: "1143-5c65e89f036c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 205795638
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7236072c5c999279-FRA
expires: Thu, 30 Jun 2022 09:11:54 GMT

GET
H2 200 ic_t_small_32.png
orientaldaily.on.cc/img/v3/ 4 KB
4 KB 234ms
232ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ic_t_small_32.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3c30ad5bbeaddf13c0962cc3586228e77b2f343d3e76e8655e4a3ee487ed52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-content.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L07
content-type: image/png
content-length: 3758
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Jul 2021 11:21:47 GMT
server: cloudflare
etag: "eae-5c65e82c928c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 136301280 134478376
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7236072c5c9a9279-FRA
expires: Thu, 30 Jun 2022 08:12:03 GMT

GET
H2 200 ic_t_large_32.png
orientaldaily.on.cc/img/v3/ 4 KB
4 KB 243ms
242ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ic_t_large_32.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7700f3825b7ce6c180c377790acc64597f5f00ab11057bc7a95b2ed704a7e61a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-content.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L08
content-type: image/png
content-length: 3972
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Jul 2021 11:23:15 GMT
server: cloudflare
etag: "f84-5c65e8807eec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 101346084 96204959
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7236072c5c9b9279-FRA
expires: Thu, 30 Jun 2022 08:12:33 GMT

GET
H2 200 stock_icon_56.png
orientaldaily.on.cc/img/v3/ 3 KB
3 KB 229ms
228ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/stock_icon_56.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9182241c0821b88dcd3047e50f7301863c71e00818b20ac639cb469a375f2482

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-content.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:44 GMT
cf-cache-status: HIT
x-cacheable: L07
content-type: image/png
content-length: 3238
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Jul 2021 07:48:46 GMT
server: cloudflare
etag: "ca6-5c66fa6d1f380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 81025101
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7236072c5c9c9279-FRA
expires: Thu, 30 Jun 2022 09:14:05 GMT

GET
H2 200 pubads_impl_2022062701.js Show response
securepubads.g.doubleclick.net/gpt/ 373 KB
127 KB 7ms
6ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

sffe /

Resource Hash

01fb24629611503ba4ea42ea9d94c1b82449d62985a6087c5e22e9e38b9b0ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 638
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130259
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:39:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 30 Jun 2023 09:45:06 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 161 B
137 B 30ms
16ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

18576f2a2f7116a6915d3f562fea7b859337c27795401799a9e2ac6c1d8816b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 0
expires: Thu, 30 Jun 2022 09:55:44 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
793 B 67ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
550 B 45ms
22ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 462 B
276 B 678ms
678ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1096025088954002&correlator=2545449448720823&eid=31068158%2C44761477&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fifs&iu_parts=21589405%2Cca-pub-1862194061110379-tag%2C5115821242&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=3810736027&sfv=1-0-38&ecs=20220630&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1656582944786&lmt=1656582944&dlt=1656582942273&idt=2486&biw=1600&bih=1200&adxs=436&adys=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&frm=20&vis=1&scr_x=0&scr_y=0&psz=1000x-1&msz=1000x-1&fws=0&ohw=0&ga_vid=1106156460.1656582945&ga_sid=1656582945&ga_hid=1738100419&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

93fea56abdc61c6717d54a30e86a8d2d07fac1402df07f4c42c93a2c78aa4fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://orientaldaily.on.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D232 6 KB
4 KB 67ms
16ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:55:44 GMT
expires: Fri, 30 Jun 2023 09:55:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ajs.php Show response
ad4.on.cc/web/www/delivery/ 780 B
661 B 251ms
251ms Script
text/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=1122
Requested by: Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=1105&adScreenW=1600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 362f0078a407ebe75f39ff73c9adf4700c16126d42c229dbaca66db96b1a0eb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Jun 2022 09:55:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
cf-ray: 7236072deef29279-FRA
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 lg.php
ad4.on.cc/web/www/delivery/ 43 B
196 B 219ms
218ms Image
image/gif 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4.on.cc/web/www/delivery/lg.php?bannerid=6439&campaignid=3459&zoneid=1105&loc=1&referer=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&cb=266a75554f
Requested by: Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=1105&adScreenW=1600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
pragma: no-cache
last-modified: Thu, 30 Jun 2022 09:55:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
accept-ranges: bytes
cf-ray: 7236072deef79279-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag Show response
a.teads.tv/page/134375/ 790 B
690 B 122ms
28ms Script
application/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/134375/tag
Requested by: Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=1122
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ea7e05189d5512150dd04b56e523912e88c39d276da17c0e56ba2356ba785d64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 489
expires: Thu, 30 Jun 2022 10:55:45 GMT

GET
H2 200 lg.php
ad4.on.cc/web/www/delivery/ 43 B
206 B 247ms
247ms Image
image/gif 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4.on.cc/web/www/delivery/lg.php?bannerid=6455&campaignid=2623&zoneid=1122&loc=1&referer=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&cb=5b10d4ce8f
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
pragma: no-cache
last-modified: Thu, 30 Jun 2022 09:55:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
accept-ranges: bytes
cf-ray: 7236072f78f99279-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 32ms
17ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 33ms
18ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 474 B
297 B 3067ms
3067ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1096025088954002&correlator=2545449448720823&eid=31068158%2C44761477&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fifs&iu_parts=21589405%2Cca-pub-1862194061110379-tag%2CODN_ROS_inRead_LREC_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=2&adks=2736857423&sfv=1-0-38&ecs=20220630&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1656582945198&lmt=1656582945&dlt=1656582942273&idt=2486&biw=1600&bih=1200&adxs=318&adys=1024&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&fws=0&ohw=0&ga_vid=1106156460.1656582945&ga_sid=1656582945&ga_hid=1738100419&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

16260994f41ade51bc917ff94eb7182a0ad2210e801f7bf9c9f1b0dfe25735b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 267
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://orientaldaily.on.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 474 B
299 B 3851ms
3850ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1096025088954002&correlator=2545449448720823&eid=31068158%2C44761477&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fifs&iu_parts=21589405%2Cca-pub-1862194061110379-tag%2CODN_ROS_inRead_LREC_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=3&adks=364997429&sfv=1-0-38&ecs=20220630&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1656582945204&lmt=1656582945&dlt=1656582942273&idt=2486&biw=1600&bih=1200&adxs=627&adys=1024&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&fws=0&ohw=0&ga_vid=1106156460.1656582945&ga_sid=1656582945&ga_hid=1738100419&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

833b346d8f3502bd1458bd3b684248778aab05223366e41470c0a013f74e459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 269
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://orientaldaily.on.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ajs.php Show response
ad4.on.cc/web/www/delivery/ 5 KB
2 KB 235ms
235ms Script
text/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=1106&adScreenW=1600
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-banner.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ce43ce6a59e5d2e5a115d0fee787ed219f53992ce7f2d9c77a6fde54357a086

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Jun 2022 09:55:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
cf-ray: 7236072f99149279-FRA
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 600 KB
132 KB 30ms
29ms Script
text/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/134375/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bb6671cf0cbb1c9bc49301806f6d40330f28492a49ea5f9ab42a9c4e2975d26f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 30 Jun 2022 09:55:45 GMT
content-encoding: br
last-modified: Wed, 29 Jun 2022 13:33:43 GMT
x-amz-request-id: WHKKCZAWM065ME36
etag: "d422b28c494be8ad5133cd4588020db7"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 3
accept-ranges: bytes
content-length: 134138
x-amz-id-2: tLW0C04x62TF0vkU5777PZUcbo6TK1B8zxR/YLjFq7LJfhhvIqpjirL3jggigmh25vtWsGt4J5w=
expires: Thu, 30 Jun 2022 10:25:45 GMT

GET
H2 200 lg.php
ad4.on.cc/web/www/delivery/ 43 B
129 B 220ms
220ms Image
image/gif 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4.on.cc/web/www/delivery/lg.php?bannerid=6283&campaignid=3459&zoneid=1106&loc=1&referer=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&cb=bc04ff3002
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
pragma: no-cache
last-modified: Thu, 30 Jun 2022 09:55:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
accept-ranges: bytes
cf-ray: 723607314b609279-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 457 B
286 B 4053ms
4053ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1096025088954002&correlator=2545449448720823&eid=31068158%2C44761477&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fifs&iu_parts=21589405%2Cca-pub-1862194061110379-tag%2CODN_ROS_inRead_LREC_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=4&adks=2538507356&sfv=1-0-38&ecs=20220630&fsapi=false&sc=1&cookie=ID%3D46f1c4f1af7d2b8e-222913e4c2cd0005%3AT%3D1656582944%3AS%3DALNI_MbrsauRIB-DaQfLBc2VJDcMTiIQJw&abxe=1&dt=1656582945486&lmt=1656582945&dlt=1656582942273&idt=2486&biw=1600&bih=1200&adxs=473&adys=1841&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&frm=20&vis=1&scr_x=0&scr_y=0&psz=609x0&msz=609x0&fws=0&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1106156460.1656582945&ga_sid=1656582945&ga_hid=1738100419&ga_fc=false&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

d16764885f976842c9157e7ee62b3c0187b4bb2dcda7d00555c1e2ce801581f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://orientaldaily.on.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK orientaldaily_hk.js Show response
api.popin.cc/searchbox/ 121 KB
33 KB 1391ms
550ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/orientaldaily_hk.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6ce9771f22be75ec6fd91a7c31765ce43cf2949b2fa81cba48416569443eb5f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:55:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Jun 2022 09:45:48 GMT
Server: nginx
ETag: W/"c27c372ffcfb81c8a34b096300589d44"
X-Cache-Status: HIT from 10.252.55.26
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: wcVkZxm4adgGA0wVHLhQKFz.S67BrUDl
Expires: Thu, 30 Jun 2022 10:55:46 GMT

GET
H2 200 ajs.php Show response
ad4.on.cc/web/www/delivery/ 3 KB
997 B 257ms
257ms Script
text/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=697&adScreenW=1600
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-banner.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ae6ab60cb6194dd9d86d5aefb57100abbdfc5ef7d2a2a069d18b5e3a8b1a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Jun 2022 09:55:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
cf-ray: 723607316b829279-FRA
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/ 17 KB
6 KB 55ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js

Requested by

Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=697&adScreenW=1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1166429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4996
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-43d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uv4wY5o1xRcIt%2BcPszVWzU6VUYGzSwxE%2BvNPJvjEr%2F1qouMFM9DmsIBQrvtIwQBS0XbSCsX0aMuID8HKFnxYFWDmpYNesojdAbPp4MLtXbSNadECFRcufR67OPPq9Wwkiklz4k4hmAIAuPVHEDSMkon3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 723607333b9123c7-ZRH
expires: Tue, 20 Jun 2023 09:55:45 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 19ms
18ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=697&adScreenW=1600

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

sffe /

Resource Hash

d4419a80e846904c17f2483704bb36ab6dca21ce900fd7fdb5be4be442064da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28070
x-xss-protection: 0
server: sffe
etag: "1259 / 42 of 1000 / last-modified: 1656578599"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Jun 2022 09:55:45 GMT

GET
H2 200 lg.php
ad4.on.cc/web/www/delivery/ 43 B
105 B 234ms
234ms Image
image/gif 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4.on.cc/web/www/delivery/lg.php?bannerid=6300&campaignid=367&zoneid=697&loc=1&referer=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&cb=13d8b76c54
Requested by: Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=697&adScreenW=1600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:45 GMT
cf-cache-status: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
pragma: no-cache
last-modified: Thu, 30 Jun 2022 09:55:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
accept-ranges: bytes
cf-ray: 723607330dc29279-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 451 B
276 B 4107ms
4106ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1096025088954002&correlator=2545449448720823&eid=31068158%2C44761477&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fifs&iu_parts=21589405%2Cca-pub-1862194061110379-tag%2CODN_ROS_300x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&ifi=5&adks=587134436&sfv=1-0-38&ecs=20220630&fsapi=false&sc=1&cookie=ID%3D46f1c4f1af7d2b8e-222913e4c2cd0005%3AT%3D1656582944%3AS%3DALNI_MbrsauRIB-DaQfLBc2VJDcMTiIQJw&abxe=1&dt=1656582945819&lmt=1656582945&dlt=1656582942273&idt=2486&biw=1600&bih=1200&adxs=990&adys=224&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&fws=0&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1106156460.1656582945&ga_sid=1656582945&ga_hid=1738100419&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

e87acdff1b424f759f4ae178a9b5f2cd613162ad9ca9107eab6a1b4d00764130

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://orientaldaily.on.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ajs.php Show response
ad4.on.cc/web/www/delivery/ 6 KB
2 KB 886ms
886ms Script
text/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=695&adScreenW=1600
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-banner.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aff472c0460de9a351a5bf68578c5a1afbfb0f2c5f280d738a1b3f088950baa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Jun 2022 09:55:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
cf-ray: 723607336e4d9279-FRA
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
55 KB 43ms
28ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3571272074788370

Requested by

Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=695&adScreenW=1600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95ab726b785690da545e3b233dfea826e8ea269b79a858247eb6650dfe67f863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Origin: https://orientaldaily.on.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56376
x-xss-protection: 0
server: cafe
etag: 3976181767896927294
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 09:55:46 GMT

GET
H2 200 floatingCloseBtn.png
ad6.on.cc/web/html/ 2 KB
2 KB 43ms
33ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad6.on.cc/web/html/floatingCloseBtn.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be65b1c567e1f7558833b17c954318334b0e687a81cf4b77978460c58d210561

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:46 GMT
cf-cache-status: HIT
x-cacheable: L04
age: 11817
content-length: 1859
x-varnish: 80096741 80096267
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 17 Jul 2014 09:48:29 GMT
server: cloudflare
etag: "743-4fe608afd1540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=21600, s-maxage=21600
accept-ranges: bytes
cf-ray: 723607390e2f9279-FRA

GET
H2 200 lg.php
ad4.on.cc/web/www/delivery/ 43 B
105 B 246ms
246ms Image
image/gif 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4.on.cc/web/www/delivery/lg.php?bannerid=6631&campaignid=2168&zoneid=695&loc=1&referer=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&cb=69b6785aa4
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:46 GMT
cf-cache-status: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
pragma: no-cache
last-modified: Thu, 30 Jun 2022 09:55:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
accept-ranges: bytes
cf-ray: 72360738fe109279-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 3942ms
3941ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1096025088954002&correlator=2545449448720823&eid=31068158%2C44761477&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fifs&iu_parts=21589405%2Cca-pub-1862194061110379-tag%2C7647740102&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=6&adks=2411272266&sfv=1-0-38&ecs=20220630&fsapi=false&sc=1&cookie=ID%3D46f1c4f1af7d2b8e-222913e4c2cd0005%3AT%3D1656582944%3AS%3DALNI_MbrsauRIB-DaQfLBc2VJDcMTiIQJw&abxe=1&dt=1656582946716&lmt=1656582946&dlt=1656582942273&idt=2486&biw=1600&bih=1200&adxs=0&adys=950&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&fws=512&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1106156460.1656582945&ga_sid=1656582945&ga_hid=1738100419&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

8b7ccc05b6503041f9cdcfa664dfc61abb503723b60aca20f950804dc2421133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10029
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://orientaldaily.on.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ajs.php Show response
ad4.on.cc/web/www/delivery/ 3 KB
1 KB 249ms
249ms Script
text/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=700&adScreenW=1600
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/odn-banner.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e4e4c35ff87a36336019407020403e1d73d317c7c49803e549ac705ce27e05e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Jun 2022 09:55:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
cf-ray: 723607390e309279-FRA
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/ 339 KB
120 KB 49ms
34ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3571272074788370&plah=orientaldaily.on.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3a9008a5f8f4e7f7840247168c1c335f01652d81cd205c86a824d9e483434af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122440
x-xss-protection: 0
server: cafe
etag: 15139616284389340667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 09:55:46 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
248 B 15ms
15ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=orientaldaily.on.cc&callback=_gfp_s_&client=ca-pub-3571272074788370&cookie=ID%3D46f1c4f1af7d2b8e-222913e4c2cd0005%3AT%3D1656582944%3AS%3DALNI_MbrsauRIB-DaQfLBc2VJDcMTiIQJw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3571272074788370&plah=orientaldaily.on.cc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&tn=DIV&id=floatingLRECholder&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DFCD 0
20 B 70ms
56ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&adk=1812271804&adf=3025194257&lmt=1656582946&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656582946771&bpp=2&bdt=4498&idt=91&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46f1c4f1af7d2b8e-222913e4c2cd0005%3AT%3D1656582944%3AS%3DALNI_MbrsauRIB-DaQfLBc2VJDcMTiIQJw&nras=1&correlator=5216671937182&frm=20&pv=2&ga_vid=1106156460.1656582945&ga_sid=1656582945&ga_hid=1738100419&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067528&oid=2&pvsid=1096025088954002&tmod=616171689&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=110

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:55:46 GMT
expires: Thu, 30 Jun 2022 09:55:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 lg.php
ad4.on.cc/web/www/delivery/ 43 B
217 B 215ms
214ms Image
image/gif 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4.on.cc/web/www/delivery/lg.php?bannerid=6440&campaignid=367&zoneid=700&loc=1&referer=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&cb=3da0e494fa
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
cf-cache-status: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
pragma: no-cache
last-modified: Thu, 30 Jun 2022 09:55:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
accept-ranges: bytes
cf-ray: 7236073aafd29279-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 4241ms
4241ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1096025088954002&correlator=2545449448720823&eid=31068158%2C44761477&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fifs&iu_parts=21589405%2Cca-pub-1862194061110379-tag%2CODN_ROS_160x600%2C3812980652&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=120x240%7C120x600%7C160x600%2C300x250&ifi=8&adks=2228334386%2C187816107&sfv=1-0-38&ecs=20220630&fsapi=false&sc=1&cookie=ID%3D46f1c4f1af7d2b8e-222913e4c2cd0005%3AT%3D1656582944%3AS%3DALNI_MbrsauRIB-DaQfLBc2VJDcMTiIQJw&abxe=1&dt=1656582946980&lmt=1656582946&dlt=1656582942273&idt=2486&biw=1600&bih=1200&adxs=150%2C990&adys=572%2C865&ucis=7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&frm=20&vis=1&scr_x=0&scr_y=0&psz=160x-1%7C300x255&msz=160x-1%7C300x0&fws=512%2C0&ohw=0%2C0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1106156460.1656582945&ga_sid=1656582945&ga_hid=1738100419&ga_fc=false&btvi=0%7C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

ceeb22b10688dd47283a8240cd51ea256a741b707d76013a1ed28f477d5c73e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9955
x-xss-protection: 0
google-lineitem-id: -1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://orientaldaily.on.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 search_odn.png
orientaldaily.on.cc/img/v3/ 2 KB
3 KB 226ms
225ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/search_odn.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-common.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb34cfc714990dfc7c8b1e82f6ef39a654e92384973be4d3168964f8fd76d5c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-common.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
cf-cache-status: HIT
x-cacheable: L08
content-type: image/png
content-length: 2462
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 May 2021 05:08:40 GMT
server: cloudflare
etag: "99e-5c165f46a0600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 77131524
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7236073abfef9279-FRA
expires: Thu, 30 Jun 2022 08:12:14 GMT

GET
H2 200 back_to_top.png
orientaldaily.on.cc/img/v3/ 2 KB
2 KB 221ms
221ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/back_to_top.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-common.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1800b1aae8b82ca1b555d3a270660961aa37a1a0d27f9f84497dcd773fda3d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-common.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
cf-cache-status: HIT
x-cacheable: L08
content-type: image/png
content-length: 1669
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 31 May 2021 08:24:40 GMT
server: cloudflare
etag: "685-5c39bf4ebe200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 108654108 109293065
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7236073abff09279-FRA
expires: Thu, 30 Jun 2022 08:55:55 GMT

GET
H2 200 track
t.teads.tv/ 23 B
114 B 86ms
44ms Image
image/gif 104.89.28.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=77f38d80-9145-4ad8-85de-c902e4a85346&pageId=134375&pid=147521&debug_metadata=VLwn7anURB&fv=1046&ts=1656582947002&f=1&referer=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
144 B 98ms
55ms Image
image/gif 104.89.28.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=77f38d80-9145-4ad8-85de-c902e4a85346&pageId=134375&pid=147521&slot=native&fv=1046&ts=1656582947024&f=1&referer=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/134375/ 541 B
579 B 71ms
70ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/134375/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&page=%7B%22id%22%3A134375%2C%22placements%22%3A%5B%7B%22id%22%3A147521%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A609%2C%22height%22%3A343%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=77f38d80-9145-4ad8-85de-c902e4a85346&formatVersion=1046&env=js-web&netBw=10&ttfb=242
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 60198b5f3d89a81720a43c2af2ee3b2974a024811d1843502f083c7955a1f815

Request headers

Accept: application/json; charset=UTF-8
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://orientaldaily.on.cc
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 368
expires: Thu, 30 Jun 2022 09:55:47 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 29ms
8ms Script
application/javascript 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js?t=2022530
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 00:19:22 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Thu, 09 Jun 2022 14:24:43 GMT
server: AmazonS3
age: 70220
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: HTm1loOkmVGvg7Uv51JKPCu8tt9Tqbavm1XEmYKRf7T8AmJiX4JNLw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3579
date: Thu, 30 Jun 2022 08:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 30 Jun 2022 10:56:08 GMT

GET
H2 200 config.common.min.js Show response
orientaldaily.on.cc/js/v3/ 2 KB
1003 B 224ms
223ms Script
application/x-javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/config.common.min.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98f79e72e80267adf8bf25528117eed154dff966cb31838d3c002362ac838bec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
content-type: application/x-javascript
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Jul 2021 02:49:21 GMT
server: cloudflare
etag: W/"751-5c7ad557bce40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 73053735
cache-control: public, max-age=120, s-maxage=3600
cf-ray: 7236073af82f9279-FRA
expires: Thu, 30 Jun 2022 08:12:10 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 7ms
7ms Image
text/plain 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=7914332&c3=&c4=&c5=&c6=&c15=&cs_it=b3&cv=3.8.0.210223&ns__t=1656582947060&ns_c=UTF-8&c7=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&c8=%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE%20-%20%E6%9D%B1%E6%96%B9%E6%97%A5%E5%A0%B1&c9=
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 8N6yCnL1evfDviKOeWCjFWiVkJ3T300xS172suV3uBllRqnGPwu-Rg==
x-cache: Miss from cloudfront

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
14ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1738100419&t=pageview&_s=1&dl=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&ul=en-us&de=UTF-8&dt=%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE%20-%20%E6%9D%B1%E6%96%B9%E6%97%A5%E5%A0%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAAABAAAAAC~&jid=1358260351&gjid=13866616&cid=1106156460.1656582945&tid=UA-57924738-1&_gid=1820641680.1656582947&_r=1&_slc=1&z=1868988267

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://orientaldaily.on.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
442 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-57924738-1&cid=1106156460.1656582945&jid=1358260351&gjid=13866616&_gid=1820641680.1656582947&_u=IAhAAAAAAAAAAC~&z=1847374972

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 30 Jun 2022 09:55:47 GMT
content-type: text/plain
access-control-allow-origin: https://orientaldaily.on.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK td_js_sdk_171.js Show response
api.popin.cc/ 34 KB
13 KB 284ms
284ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/orientaldaily_hk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:55:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
Server: nginx
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status: HIT from 10.252.55.26
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: null
Expires: Thu, 30 Jun 2022 10:55:47 GMT

GET
H2 200 recommend Show response
hk.popin.cc/popin_discovery/ 123 KB
28 KB 1315ms
780ms Script
application/javascript 119.63.198.189
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://hk.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&&device=pc&media=orientaldaily.on.cc_hk&extra=windows&agency=ftk&topn=50&ad=15&r_category=all&country=hk&redirect=true&channel=country_tw&uid=aa62cd9311902212e5f1656582947164&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTAzLjAuNTA2MCIsInVzZXJfdGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidXNlcl90ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDMuMC41MDYwLjUzIFNhZmFyaS81MzcuMzYiLCJ1c2VyX3RkX3JlZmVycmVyIjoiIiwidXNlcl90ZF9wYXRoIjoiL2NvbnRlbnQvJUU3JTk0JUEyJUU3JUI2JTkzL29kbi0yMDIyMDYzMC0wNjMwXzAwMjAyXzAzNS8lRTYlQjglQTMlRTYlODklOTMlRTYlOTMlQUMlRTUlODYlOEQlRTYlOTUlQjQlRTUlOTAlODglRTUlOEQlQjAlRTUlQkElQTYlRTglQjIlQjglRTYlQUMlQkUiLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiJUU2JUI4JUEzJUU2JTg5JTkzJUU2JTkzJUFDJUU1JTg2JThEJUU2JTk1JUI0JUU1JTkwJTg4JUU1JThEJUIwJUU1JUJBJUE2JUU4JUIyJUI4JUU2JUFDJUJFJTIwLSUyMCVFNiU5RCVCMSVFNiU5NiVCOSVFNiU5NyVBNSVFNSVBMCVCMSIsInVzZXJfdGRfdXJsIjoiaHR0cHM6Ly9vcmllbnRhbGRhaWx5Lm9uLmNjL2NvbnRlbnQvJUU3JTk0JUEyJUU3JUI2JTkzL29kbi0yMDIyMDYzMC0wNjMwXzAwMjAyXzAzNS8lRTYlQjglQTMlRTYlODklOTMlRTYlOTMlQUMlRTUlODYlOEQlRTYlOTUlQjQlRTUlOTAlODglRTUlOEQlQjAlRTUlQkElQTYlRTglQjIlQjglRTYlQUMlQkUiLCJ1c2VyX3RkX3BsYXRmb3JtIjoiV2luMzIiLCJ1c2VyX3RkX2hvc3QiOiJvcmllbnRhbGRhaWx5Lm9uLmNjIiwidXNlcl9kZXZpY2UiOiJwYyIsInVzZXJfdGltZSI6MTY1NjU4Mjk0NzE2NSwiZnJ1aXRfYm94X3Bvc2l0aW9uIjoiIiwiZnJ1aXRfc3R5bGUiOiIifQ==&callback=_p6_96aa53cf89cc
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/orientaldaily_hk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 27efe1fbf4e46321b8e5f5db48a096fa34be7190708286f606f5bb7257f6a0da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.13.5
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

GET
H/1.1 200
OK popin_discovery5-min.js Show response
api.popin.cc/ 154 KB
42 KB 520ms
520ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/orientaldaily_hk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 77d3a6b19e6eac0ab89be6d6d6754ca0fd0ee47beb8b39350ecc6b534ee95281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:55:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 May 2022 05:04:08 GMT
Server: nginx
ETag: W/"455b85d8c8e61303fd231d2415058c18"
X-Cache-Status: HIT from 10.252.55.44
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: 7goFykhV809rshrE2QHSfol2kmepeVDO
Expires: Thu, 30 Jun 2022 10:55:47 GMT

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 1063ms
260ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxMywidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAzLjAuNTA2MC41MyBTYWZhcmkvNTM3LjM2Iiwicl91cmwiOiJodHRwczovL29yaWVudGFsZGFpbHkub24uY2MvY29udGVudC8lRTclOTQlQTIlRTclQjYlOTMvb2RuLTIwMjIwNjMwLTA2MzBfMDAyMDJfMDM1LyVFNiVCOCVBMyVFNiU4OSU5MyVFNiU5MyVBQyVFNSU4NiU4RCVFNiU5NSVCNCVFNSU5MCU4OCVFNSU4RCVCMCVFNSVCQSVBNiVFOCVCMiVCOCVFNiVBQyVCRSJ9&t=1656582947162
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:55:48 GMT
Last-Modified: Fri, 10 Jan 2020 11:34:08 GMT
Server: nginx/1.13.5
ETag: "5e186130-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 1068ms
260ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAzLjAuNTA2MC41MyBTYWZhcmkvNTM3LjM2IiwiYXBpX2hvc3QiOiJoay5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJvcmllbnRhbGRhaWx5Lm9uLmNjX2hrIiwidXJsIjoiaHR0cHM6Ly9vcmllbnRhbGRhaWx5Lm9uLmNjL2NvbnRlbnQvJUU3JTk0JUEyJUU3JUI2JTkzL29kbi0yMDIyMDYzMC0wNjMwXzAwMjAyXzAzNS8lRTYlQjglQTMlRTYlODklOTMlRTYlOTMlQUMlRTUlODYlOEQlRTYlOTUlQjQlRTUlOTAlODglRTUlOEQlQjAlRTUlQkElQTYlRTglQjIlQjglRTYlQUMlQkUiLCJsb2MiOiJodHRwczovL29yaWVudGFsZGFpbHkub24uY2MvY29udGVudC8lRTclOTQlQTIlRTclQjYlOTMvb2RuLTIwMjIwNjMwLTA2MzBfMDAyMDJfMDM1LyVFNiVCOCVBMyVFNiU4OSU5MyVFNiU5MyVBQyVFNSU4NiU4RCVFNiU5NSVCNCVFNSU5MCU4OCVFNSU4RCVCMCVFNSVCQSVBNiVFOCVCMiVCOCVFNiVBQyVCRSJ9&t=1656582947167
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:55:48 GMT
Last-Modified: Thu, 13 Dec 2018 07:32:33 GMT
Server: nginx/1.13.5
ETag: "5c120b11-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 1101ms
270ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJhcGlfaG9zdCI6ImhrLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Im9yaWVudGFsZGFpbHkub24uY2NfaGsiLCJ1cmwiOiJodHRwczovL29yaWVudGFsZGFpbHkub24uY2MvY29udGVudC8lRTclOTQlQTIlRTclQjYlOTMvb2RuLTIwMjIwNjMwLTA2MzBfMDAyMDJfMDM1LyVFNiVCOCVBMyVFNiU4OSU5MyVFNiU5MyVBQyVFNSU4NiU4RCVFNiU5NSVCNCVFNSU5MCU4OCVFNSU4RCVCMCVFNSVCQSVBNiVFOCVCMiVCOCVFNiVBQyVCRSIsInVpZCI6ImFhNjJjZDkzMTE5MDIyMTJlNWYxNjU2NTgyOTQ3MTY0IiwidGRfdGl0bGUiOiIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6NiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDMuMC41MDYwIn0=&t=1656582947169
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:55:48 GMT
Last-Modified: Fri, 10 Jan 2020 11:34:08 GMT
Server: nginx/1.13.5
ETag: "5e186130-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H2 200 odn-content.min.js Show response
orientaldaily.on.cc/js/v3/app/ 10 KB
3 KB 231ms
229ms Script
application/x-javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/app/odn-content.min.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b076cd3e801782f9dc52ec4eb3f9c3a9c493f26277db261453ae6969f463710f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
x-varnish: 138226287 138226165
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 03:01:05 GMT
server: cloudflare
etag: W/"264f-5e214aa1ffe40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7236073c7a479279-FRA
expires: Thu, 30 Jun 2022 08:34:48 GMT

GET
H2 200 unicorp_v4.js Show response
on.cc/adv/web/corp/source/ 59 KB
14 KB 226ms
224ms Script
application/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/source/unicorp_v4.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1f67310a50c4720ca438927ad499f0eb5adf421b8106f950d4b4a3d4a7575ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
cf-ray: 7236073c7a4c9279-FRA
x-host: WL24
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 27 Jan 2022 01:52:16 GMT
server: cloudflare
etag: W/"61f1fad0-ecaf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 10876351 17794467
cache-control: public, max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 urchin.js Show response
orientaldaily.on.cc/js/v3/lib/ 18 KB
6 KB 230ms
228ms Script
application/x-javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/urchin.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab229322552892c8734d333a6b52b479f3d9cf7c8a1fc9cf2d8bd6ba3420284b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
x-varnish: 54415067 55410967
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Feb 2012 06:36:24 GMT
server: cloudflare
etag: W/"4661-4b95f83604a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7236073c7a509279-FRA
expires: Thu, 30 Jun 2022 08:12:43 GMT

GET
H2 200 urchin-lib.js Show response
orientaldaily.on.cc/js/v3/lib/ 1 KB
581 B 34ms
32ms Script
application/x-javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/urchin-lib.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 202370a6bb2899416c9ae48d85030b16576d76dd43c21af78ca42e2ecae0e8d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 2926
x-varnish: 55219704
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 May 2021 04:21:30 GMT
server: cloudflare
etag: W/"46a-5c30bbe668680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7236073c7a539279-FRA
expires: Thu, 30 Jun 2022 09:12:13 GMT

GET
H2 200 rollSlider.min.js Show response
orientaldaily.on.cc/js/v3/lib/ 5 KB
2 KB 232ms
231ms Script
application/x-javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/rollSlider.min.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8544fa9f4620e661e6b65d5189b43f284d3a23c1e25b5b6e197ddaf6f36b8ab0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
x-varnish: 54415060 54580784
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Dec 2020 05:04:17 GMT
server: cloudflare
etag: W/"1205-5b5600f049640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 7236073c7a559279-FRA
expires: Thu, 30 Jun 2022 08:42:39 GMT

GET
H2 200 slick.min.js Show response
orientaldaily.on.cc/js/v3/lib/ 42 KB
11 KB 218ms
217ms Script
application/x-javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/slick.min.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
content-type: application/x-javascript
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 May 2020 02:49:40 GMT
server: cloudflare
etag: W/"a76f-5a5e336da7900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 98074943 97568013
cache-control: public, max-age=120, s-maxage=3600
cf-ray: 7236073c7a579279-FRA
expires: Thu, 30 Jun 2022 08:47:24 GMT

GET
H2 200 bootstrap.min.js Show response
netdna.bootstrapcdn.com/bootstrap/3.1.1/js/ 28 KB
8 KB 85ms
38ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js?

Requested by

Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
age: 993508
cdn-cachedat: 11/16/2021 09:13:38
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 739b38fabd92f308ba82a953ce2ea6c7
cf-ray: 7236073ccbb60221-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 yahoo_keywords.js Show response
on.cc/adv/web/corp/js/ 4 KB
727 B 24ms
22ms Script
application/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/js/yahoo_keywords.js
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79c369802018b75882ec40d4896c33c99ff78227d8ccce93357fc8167b32d386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 3
cf-ray: 7236073dec219279-FRA
x-host: WL24
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Mar 2011 04:11:26 GMT
server: cloudflare
etag: W/"4d76fdee-1198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 189868259 189331228
cache-control: public, max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 unicorp_disclaimer.js Show response
on.cc/adv/web/corp/source/ 4 KB
1 KB 21ms
21ms Script
application/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/source/unicorp_disclaimer.js
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 112aba6073ee49f1843f50fb5239e2d7c8a004325b50bd7f93ab093cb6b72e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 3
cf-ray: 7236073dec259279-FRA
x-host: WL24
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 31 Aug 2021 06:55:25 GMT
server: cloudflare
etag: W/"612dd25d-f2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 2457609 65542
cache-control: public, max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 unicorp_v4.css
on.cc/adv/web/corp/source/ 7 KB
2 KB 22ms
21ms Stylesheet
text/css 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/adv/web/corp/source/unicorp_v4.css?v=31
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_v4.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cdfc421265602e0a9c952b7c9e7ee8f58cfbdfb27b0d3649b818ecbb24f8908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
age: 4
cf-ray: 7236073dec269279-FRA
x-host: WL25
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 27 May 2020 01:59:01 GMT
server: cloudflare
etag: W/"5ecdc965-1de5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 19258160 25346386
cache-control: public, max-age=30, s-maxage=300
content-type: text/css

GET
H2 200 checkrev.gif
home.on.cc/adv/web/corp/img/ 43 B
207 B 21ms
20ms Image
image/gif 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.on.cc/adv/web/corp/img/checkrev.gif
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
cf-cache-status: HIT
x-cacheable: L08
age: 14218
cf-ray: 7236073dec279279-FRA
x-host: WL25
content-length: 43
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Oct 2008 03:57:30 GMT
server: cloudflare
etag: "48fc01aa-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 22704921 11391253
cache-control: max-age=300, s-maxage=14400
accept-ranges: bytes
content-type: image/gif

GET
H2 200 photoswipe.min.js Show response
orientaldaily.on.cc/js/v3/lib/photoswipe/ 31 KB
12 KB 240ms
239ms Script
application/x-javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/photoswipe/photoswipe.min.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 201b64a83ec3a6c9f08e157fbb0d6cbacd971b9fc971c4d4eba6fcefae241cdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
x-varnish: 78064862 78107313
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Jun 2021 10:13:23 GMT
server: cloudflare
etag: W/"7c3c-5c466a422b6c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=120, s-maxage=3600
cf-ray: 7236073dec2e9279-FRA
expires: Thu, 30 Jun 2022 08:55:31 GMT

GET
H2 200 photoswipe-ui-default.min.js Show response
orientaldaily.on.cc/js/v3/lib/photoswipe/ 21 KB
6 KB 226ms
225ms Script
application/x-javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/photoswipe/photoswipe-ui-default.min.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 710a1d0944895f373adf0e0c726343013e4deb39e09be8e45a276ce8a056368d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
x-varnish: 83824926
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Dec 2020 10:28:26 GMT
server: cloudflare
etag: W/"5431-5b6ba91922680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=120, s-maxage=3600
cf-ray: 7236073dec309279-FRA
expires: Thu, 30 Jun 2022 08:12:02 GMT

GET
H2 200 photoswipe.custom.js Show response
orientaldaily.on.cc/js/v3/lib/photoswipe/ 6 KB
2 KB 230ms
229ms Script
application/x-javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/photoswipe/photoswipe.custom.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30cf6386a0c3b987faa377e1d12974e66af9dc0f0b13377eb4c1f532980033c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
x-varnish: 78695547
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 13 Jul 2021 09:19:45 GMT
server: cloudflare
etag: W/"19dd-5c6fdbd174e40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=120, s-maxage=3600
cf-ray: 7236073dec319279-FRA
expires: Thu, 30 Jun 2022 08:38:04 GMT

GET
H2 200 h5player.js Show response
on.cc/module/player/ 304 KB
62 KB 245ms
245ms Script
application/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.cc/module/player/h5player.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0219a5985044cb8f08471d92d7e8aefcfaeef10634fded92940eeebb1c90699

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
cf-ray: 7236073dec329279-FRA
x-host: WL25
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 08:19:32 GMT
server: cloudflare
etag: W/"62bd5c94-4bf65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 105640146 117000268
cache-control: max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 unicorp_disclaimer.css
hk.on.cc/adv/web/corp/source/ 1 KB
624 B 28ms
28ms Stylesheet
text/css 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hk.on.cc/adv/web/corp/source/unicorp_disclaimer.css
Requested by: Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_disclaimer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89c5d02602316b77d7d50cb7b8a168c10d707994d6f2aba75788365896bf5ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: Y10
age: 5671
cf-ray: 7236073e0c5d9279-FRA
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Aug 2018 06:48:01 GMT
server: cloudflare
etag: W/"5b67ef21-5ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 60058182
cache-control: public, max-age=1800, s-maxage=14400
content-type: text/css

GET
H2 200 web_btn.png
hk.on.cc/adv/web/corp/img/ 6 KB
6 KB 21ms
20ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/adv/web/corp/img/web_btn.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d00ef9f9dce166845458fc99049b500dd07238787ccc25da41ea7f9ac7fe7b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 5668
cf-ray: 7236073e9cfb9279-FRA
content-length: 5752
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Aug 2018 05:34:50 GMT
server: cloudflare
etag: "5b6297fa-1678"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 437048223 437813514
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B0FD 18 KB
10 KB 422ms
421ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=90&slotname=4687187148&adk=190292511&adf=3572679136&pi=t.ma~as.4687187148&w=728&lmt=1656582947&psa=0&format=728x90&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656582947655&bpp=9&bdt=5383&idt=9&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46f1c4f1af7d2b8e-222913e4c2cd0005%3AT%3D1656582944%3AS%3DALNI_MbrsauRIB-DaQfLBc2VJDcMTiIQJw&prev_fmts=0x0&nras=1&correlator=5216671937182&frm=20&pv=1&ga_vid=1106156460.1656582945&ga_sid=1656582945&ga_hid=1738100419&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067528&oid=2&pvsid=1096025088954002&tmod=616171689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&fsb=1&xpc=mP2XPgQQfY&p=https%3A//orientaldaily.on.cc&dtd=24

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b9a7bda0cf41ad79dcb1adcda9b35158e0763c22ca9cc05ccb40b6ae108d65d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 10016
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:55:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe_ysm_utf8.html Show response
orientaldaily.on.cc/js/v3/ Frame B04B 529 B
386 B 219ms
218ms Document
text/html 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/iframe_ysm_utf8.html?device=desktop&section=finance&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07678d180e3556e1ae4e871cc3dd15fdb60e60709a79e424f3675af25a648ce8

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=120, s-maxage=3600
cf-cache-status: HIT
cf-ray: 7236073f8e529279-FRA
content-encoding: br
content-language: zh-TW
content-type: text/html
date: Thu, 30 Jun 2022 09:55:47 GMT
etag: W/"211-5c7b101175b40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 30 Jun 2022 09:27:40 GMT
last-modified: Thu, 22 Jul 2021 07:12:05 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Accept-Encoding
x-cacheable: L08
x-varnish: 113891676

GET
H2 200 hitCount_842_UTF8.js Show response
hk.on.cc/hk/bkn/hitcount/web/js/ 106 KB
20 KB 68ms
37ms XHR
application/javascript 104.16.170.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hk.on.cc/hk/bkn/hitcount/web/js/hitCount_842_UTF8.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.170.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38f26b6d55e2022f64e2bcfcb4f5480c546481804fdbc99e55acc1db611fbaf0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: Y09
age: 0
cf-ray: 7236073fba639b2d-FRA
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 09:52:39 GMT
server: cloudflare
etag: W/"62bd7267-1a865"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 445877616 445585923
access-control-allow-origin: *
cache-control: public, max-age=5, s-maxage=5
content-type: application/javascript

GET
H2 200 m18_quotebox_bg.png
orientaldaily.on.cc/img/v3/ 12 KB
12 KB 228ms
228ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/m18_quotebox_bg.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-common.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c246f3f250ca5d05f6ff64bce59ae77784df81c151a1c22b9eba36d9e8effd60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-common.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
cf-cache-status: HIT
x-cacheable: L08
content-type: image/png
content-length: 12451
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 04 Feb 2020 02:26:44 GMT
server: cloudflare
etag: "30a3-59db6c5576100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 43932508
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7236073f8e5e9279-FRA
expires: Thu, 30 Jun 2022 09:12:17 GMT

GET
H2 200 search_engine_patt.gif
orientaldaily.on.cc/img/v3/ 1 KB
1 KB 208ms
208ms Image
image/gif 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/search_engine_patt.gif
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-common.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dfaff152d24ca282243ae4f53ae4d50c909e568ada3be8c24ec725ce14f8423

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-common.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
cf-cache-status: HIT
x-cacheable: L07
content-type: image/gif
content-length: 1318
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Feb 2013 07:02:10 GMT
server: cloudflare
etag: "526-4d5a9d6656080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 96479416 94076422
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7236073f8e5f9279-FRA
expires: Thu, 30 Jun 2022 08:12:10 GMT

GET
H2 200 articleVideo_finance.js Show response
orientaldaily.on.cc/asset/finance/20220630/video/ 2 KB
501 B 233ms
233ms XHR
application/x-javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/asset/finance/20220630/video/articleVideo_finance.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 116b0048cad8af91864a4070f8dea17e735cbc93627d5d411dbd68eda249328e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
x-varnish: 76998240 97142246
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 07:56:39 GMT
server: cloudflare
etag: W/"88a-5e2a59c0afbc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=120, s-maxage=3600
cf-ray: 7236073fae849279-FRA
expires: Thu, 30 Jun 2022 08:12:37 GMT

GET
H2 200 sectmain_20220630.js Show response
orientaldaily.on.cc/section/news/js/168/ 164 KB
34 KB 229ms
227ms XHR
application/json 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/section/news/js/168/sectmain_20220630.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 363cdcdc13363ca0a317e4ac6b82721100ec58593c1cefeafdf6d2f21f56702f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
cf-ray: 7236073fbe869279-FRA
x-host: odnsearchdocker01
x-application-context: application:live:9054
referrer-policy: no-referrer-when-downgrade
server: cloudflare
etag: W/"0bf2181fe34a08cff7fbf7d3f3e0b8285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 87482333
access-control-allow-origin: *
cache-control: public, max-age=300, s-maxage=300, stale-if-error=86400, stale-while-revalidate=30
content-type: application/json;charset=utf-8
access-control-allow-headers: Content-Type

GET
H2 200 spacer.gif
orientaldaily.on.cc/img/v3/ 43 B
190 B 212ms
210ms Image
image/gif 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/spacer.gif
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
cf-cache-status: HIT
x-cacheable: L08
content-type: image/gif
content-length: 43
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 Oct 2008 03:17:50 GMT
server: cloudflare
etag: "2b-45a47b1435380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 104359546
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7236073fbe879279-FRA
expires: Thu, 30 Jun 2022 08:59:16 GMT

GET
H2 200 search_engine_logo.png
orientaldaily.on.cc/img/v3/ 3 KB
3 KB 229ms
227ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/search_engine_logo.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 179e2131f584aaf223928266ff48c9c85106f9412470680dd4c20084d9060898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: L08
content-type: image/png
content-length: 3436
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Feb 2013 08:37:44 GMT
server: cloudflare
etag: "d6c-4d50a3d704600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 38005193
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7236073fbe889279-FRA
expires: Thu, 30 Jun 2022 09:11:50 GMT

GET
H2 200 search_engine_title.png
orientaldaily.on.cc/img/v3/ 2 KB
2 KB 231ms
230ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/search_engine_title.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf8e07f3863a8dc17833864c5f07759dd35fce17a3ac3e382cfa53b0465d4014

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: L07
content-type: image/png
content-length: 1592
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Feb 2013 08:37:44 GMT
server: cloudflare
etag: "638-4d50a3d704600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 52879687
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7236073fbe8b9279-FRA
expires: Thu, 30 Jun 2022 08:12:20 GMT

GET
H2 200 search_engine_search.png
orientaldaily.on.cc/img/v3/ 6 KB
6 KB 220ms
219ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/search_engine_search.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3abbdee23923fff731b29b9af1621396fb5266a78bc8a4cdfbf70cb47993fdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: L08
content-type: image/png
content-length: 6350
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Feb 2013 08:37:44 GMT
server: cloudflare
etag: "18ce-4d50a3d704600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 39970087 45868767
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7236073fbe8e9279-FRA
expires: Thu, 30 Jun 2022 09:12:21 GMT

GET
H2 200 sp_hk.jpg
orientaldaily.on.cc/img/v3/ 7 KB
7 KB 215ms
214ms Image
image/jpeg 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/sp_hk.jpg
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5577dfc0f7d981f0e52872f70475d085675200dab0f733ba23c4edb03e6124eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
cf-cache-status: HIT
x-cacheable: L07
content-type: image/jpeg
content-length: 7004
x-varnish: 175621357 164156292
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 25 Apr 2018 04:59:12 GMT
server: cloudflare
etag: "1b5c-56aa521c10800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
expires: Thu, 30 Jun 2022 08:12:23 GMT
cache-control: public, max-age=120, s-maxage=3600
accept-ranges: bytes
cf-ray: 7236073fbe8f9279-FRA
cf-bgj: h2pri

GET
H2 200 __utm.gif
orientaldaily.on.cc/img/ 35 B
248 B 219ms
218ms Image
image/gif 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/__utm.gif?utmwv=1&utmn=1673556023&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE%20-%20%E6%9D%B1%E6%96%B9%E6%97%A5%E5%A0%B1&utmhn=orientaldaily.on.cc&utmr=-&utmp=https://orientaldaily.on.cc/content/finance/odn-20220630-0630_00202_035/
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: DYNAMIC
x-cacheable: NO:Not Cacheable
age: 0
content-type: image/gif
content-length: 35
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 17 Nov 2010 02:43:06 GMT
server: cloudflare
etag: "23-49536a2074280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language: zh-TW
x-varnish: 98729927
cache-control: no-store, max-age=0
accept-ranges: bytes
cf-ray: 7236073fbe929279-FRA
expires: Thu, 30 Jun 2022 10:05:47 GMT

GET
H2 200 menu.js Show response
hk.on.cc/mobile/js/lib/ 40 KB
9 KB 22ms
21ms Script
application/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hk.on.cc/mobile/js/lib/menu.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88277fb3af2797ea1ed8f612de86557d5926a94711f895adb28a09be31defd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: Y09
age: 5671
cf-ray: 7236073fcea59279-FRA
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 08 Apr 2022 02:37:43 GMT
server: cloudflare
etag: W/"624f9ff7-a01d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 437259999 436752826
cache-control: public, max-age=1800, s-maxage=14400
content-type: application/javascript

GET
H2 200 slidebars.js Show response
orientaldaily.on.cc/js/v3/lib/ 4 KB
2 KB 211ms
211ms Script
application/x-javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/slidebars.js?
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/require.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5f43aeb0f7b3d6beb24841027dd070d88ae08c7529e3a50f4cd0fae5105e01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L08
x-varnish: 205164305 202405426
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 26 May 2021 03:10:48 GMT
server: cloudflare
etag: W/"104e-5c332fd3d7e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=120, s-maxage=3600
cf-ray: 7236073fcea69279-FRA
expires: Thu, 30 Jun 2022 08:11:51 GMT

GET
H2 200 oncc_playicon.png
hk.on.cc/img/v2/ 2 KB
2 KB 28ms
27ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/img/v2/oncc_playicon.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-common.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 362a819db539b43a089db6fb279b870da7d7ab79d70df11dec2b6f3fce4be612

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-common.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:47 GMT
cf-cache-status: HIT
x-cacheable: Y10
age: 5663
cf-ray: 723607400f189279-FRA
content-length: 2146
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 24 Jul 2019 06:35:20 GMT
server: cloudflare
etag: "5d37fc28-862"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 62237411
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 bkn-20220630162008408-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 80 KB
80 KB 219ms
216ms Image
image/jpeg 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630162008408-0630_00842_001_01s.jpg?20220630163258
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca3308cd7b576f05eadbba21318102b7f10def1b3cfea4a00a3840eccbf0ba69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: Y10
cf-ray: 723607405f769279-FRA
content-length: 81590
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 08:30:27 GMT
server: cloudflare
etag: "62bd5f23-13eb6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 56697655
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bkn-20220630092056453-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 62 KB
62 KB 223ms
220ms Image
image/jpeg 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630092056453-0630_00842_001_01s.jpg?20220630162806
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0543b0572fb5233fe7c4004a49e8139cb1ee4ea2ec24485090428692dc25ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: Y09
cf-ray: 723607405f7a9279-FRA
content-length: 63304
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 06:42:46 GMT
server: cloudflare
etag: "62bd45e6-f748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 429142677 427880810
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bkn-20220630095137284-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 108 KB
108 KB 235ms
232ms Image
image/jpeg 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630095137284-0630_00842_001_01s.jpg?20220630162843
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c356781e5dffebe24b1c1bb1939a90471a9e09397e2c5d47d385b26fa8fa99ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: Y10
cf-ray: 723607405f7d9279-FRA
content-length: 110261
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 01:51:44 GMT
server: cloudflare
etag: "62bd01b0-1aeb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 36670198
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bkn-20220630113536557-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 86 KB
86 KB 831ms
829ms Image
image/jpeg 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630113536557-0630_00842_001_01s.jpg?20220630141127
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8480151cecaa2ec2dfebd120841cc5b0655981e12e7ab80354db5669d84f9632

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: REVALIDATED
x-cacheable: Y10
cf-ray: 723607405f7e9279-FRA
content-length: 87592
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 03:49:07 GMT
server: cloudflare
etag: "62bd1d33-15628"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 44145110
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bkn-20220629212946651-0629_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220629/photo/ 91 KB
91 KB 236ms
234ms Image
image/jpeg 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220629/photo/bkn-20220629212946651-0629_00842_001_01s.jpg?20220629214049
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9674a6e7b407e2b658339481bcc5ded7da98f41075104c83592af4459750db87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: Y09
cf-ray: 723607405f7f9279-FRA
content-length: 92888
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 29 Jun 2022 13:36:53 GMT
server: cloudflare
etag: "62bc5575-16ad8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 367205722
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bkn-20220630115801289-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 76 KB
76 KB 250ms
248ms Image
image/jpeg 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630115801289-0630_00842_001_01s.jpg?20220630125327
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4c9e237182baafe9273e1a0dbe7f8b6814c885a11c842fc879b0939c74cdccd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: Y09
cf-ray: 723607405f819279-FRA
content-length: 77621
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 04:53:05 GMT
server: cloudflare
etag: "62bd2c31-12f35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 420585680
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bkn-20220630142124688-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 82 KB
82 KB 228ms
226ms Image
image/jpeg 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630142124688-0630_00842_001_01s.jpg?20220630143346
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fa702bcdf3df8c233163b3e5503579bb9109b7f426add09771cb54bbaa0275a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: Y09
cf-ray: 723607405f829279-FRA
content-length: 84162
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 06:33:30 GMT
server: cloudflare
etag: "62bd43ba-148c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 435970800
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bkn-20220630151705577-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 57 KB
58 KB 242ms
240ms Image
image/jpeg 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630151705577-0630_00842_001_01s.jpg?20220630154203
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a2ed5c3aaca816b771346b5324c8789fd85d57856a98d5ff07290a19f1b95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: Y09
cf-ray: 723607405f839279-FRA
content-length: 58823
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 07:41:46 GMT
server: cloudflare
etag: "62bd53ba-e5c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 433375356
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bkn-20220630160800461-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 104 KB
104 KB 233ms
231ms Image
image/jpeg 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630160800461-0630_00842_001_01s.jpg?20220630161201
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fff0e21870bb047343bb423f7d2526b209c74bdd7e22faf10cfad8042a9184dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: REVALIDATED
x-cacheable: Y09
cf-ray: 723607405f849279-FRA
content-length: 106424
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 08:11:43 GMT
server: cloudflare
etag: "62bd5abf-19fb8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 435970857
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bkn-20220630124400486-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 65 KB
65 KB 229ms
228ms Image
image/jpeg 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630124400486-0630_00842_001_01s.jpg?20220630131324
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b25c86a38b295242f4b357ad3c2bd7f94d52e18d409ddbbaba64b5a5064fa1ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: Y10
cf-ray: 723607405f859279-FRA
content-length: 66743
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 05:13:03 GMT
server: cloudflare
etag: "62bd30df-104b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 49100500
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 urchin.js Show response
orientaldaily.on.cc/js/v3/lib/ Frame B04B 18 KB
6 KB 27ms
27ms Script
application/x-javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/urchin.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/iframe_ysm_utf8.html?device=desktop&section=finance&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab229322552892c8734d333a6b52b479f3d9cf7c8a1fc9cf2d8bd6ba3420284b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/js/v3/iframe_ysm_utf8.html?device=desktop&section=finance&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 1
x-varnish: 54415067 55410967
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Feb 2012 06:36:24 GMT
server: cloudflare
etag: W/"4661-4b95f83604a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 72360740f85c9279-FRA
expires: Thu, 30 Jun 2022 08:12:43 GMT

GET
H2 200 urchin-lib.js Show response
orientaldaily.on.cc/js/v3/lib/ Frame B04B 1 KB
605 B 23ms
23ms Script
application/x-javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orientaldaily.on.cc/js/v3/lib/urchin-lib.js
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/iframe_ysm_utf8.html?device=desktop&section=finance&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 202370a6bb2899416c9ae48d85030b16576d76dd43c21af78ca42e2ecae0e8d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/js/v3/iframe_ysm_utf8.html?device=desktop&section=finance&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
content-encoding: br
cf-cache-status: HIT
x-cacheable: L07
age: 2927
x-varnish: 55219704
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 May 2021 04:21:30 GMT
server: cloudflare
etag: W/"46a-5c30bbe668680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
content-type: application/x-javascript
cache-control: public, max-age=30, s-maxage=30
cf-ray: 72360740f85f9279-FRA
expires: Thu, 30 Jun 2022 09:12:13 GMT

GET
H2 200 odn_logo.png
hk.on.cc/mobile/img/ 2 KB
3 KB 26ms
20ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/mobile/img/odn_logo.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca369b7f67abbc64e8a9f8d2fe01bd42f12105dec97458faf311ad900e7c9be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 5672
cf-ray: 7236074128a09279-FRA
content-length: 2415
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Mar 2017 07:48:51 GMT
server: cloudflare
etag: "58c8f1e3-96f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 437048206 433945972
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 oncc_hk_on.png
hk.on.cc/mobile/img/ 2 KB
2 KB 27ms
21ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/mobile/img/oncc_hk_on.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 267567adb4b6505e023e870d208a89492534119bc9e581a7181e11d942ed56ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 5672
cf-ray: 7236074128a29279-FRA
content-length: 2304
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Mar 2017 07:57:28 GMT
server: cloudflare
etag: "58c8f3e8-900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 414492272 436644988
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 ontv_logo.png
hk.on.cc/mobile/img/ 3 KB
3 KB 26ms
20ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/mobile/img/ontv_logo.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a6bf83e852ce505163230054c023be0afbec473d5eb7c56ba2cea67e236fd8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 5672
cf-ray: 7236074128a39279-FRA
content-length: 3154
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Dec 2019 01:39:11 GMT
server: cloudflare
etag: "5e09553f-c52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 414295884 432963539
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 epaper_logo.png
hk.on.cc/mobile/img/ 2 KB
3 KB 29ms
25ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/mobile/img/epaper_logo.png?v=2
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c2166c456df16a904a9694bf26fca192b82f6f6000103bce4d84ce2d89527d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 5672
cf-ray: 7236074128a49279-FRA
content-length: 2449
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Jun 2017 02:15:10 GMT
server: cloudflare
etag: "5934beae-991"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 385193470 436644996
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 m18_logo.png
hk.on.cc/mobile/img/ 4 KB
4 KB 31ms
27ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/mobile/img/m18_logo.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b598afd486f173c5d6bcba3863a904f0494eaf49957fb7c4b534a731cda34d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: Y10
age: 5672
cf-ray: 7236074128a59279-FRA
content-length: 4439
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Nov 2018 02:48:47 GMT
server: cloudflare
etag: "5becde8f-1157"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 62237430
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 p18_logo.png
hk.on.cc/mobile/img/ 8 KB
8 KB 26ms
23ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/mobile/img/p18_logo.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 311ed131ee2d852a3c476f02be22864564ce763ba88903e947cbaaf0c5c9c060

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 5672
cf-ray: 7236074128a69279-FRA
content-length: 7733
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Mar 2017 07:48:54 GMT
server: cloudflare
etag: "58c8f1e6-1e35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 437260032 435899315
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 ofa_logo.png
hk.on.cc/mobile/img/ 6 KB
6 KB 24ms
21ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/mobile/img/ofa_logo.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f419e7307780a5eaf54c57408a025126ac694c9ff59dc40982807ea16e4bfff2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 5672
cf-ray: 7236074128a79279-FRA
content-length: 5729
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Mar 2020 01:52:23 GMT
server: cloudflare
etag: "5e6ae757-1661"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 433251065 432963542
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 classified_on.png
hk.on.cc/mobile/img/ 3 KB
3 KB 25ms
22ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/mobile/img/classified_on.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb02904d7b781b74b7ab5506401d37c87203c5d17319eb14676fb865e97684ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 5672
cf-ray: 7236074128a89279-FRA
content-length: 2751
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Dec 2016 10:31:45 GMT
server: cloudflare
etag: "5864e611-abf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 436937808 435970829
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 entrybanner.jpg
hk.on.cc/mobile/img/ 151 KB
152 KB 225ms
222ms Image
image/jpeg 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/mobile/img/entrybanner.jpg
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca6d2da6e15aaf6a2a3a84aba91a70d97d30f7188bf2526e238bda35fc5d01a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: Y09
cf-ray: 7236074128aa9279-FRA
content-length: 154960
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 08 Oct 2021 02:20:42 GMT
server: cloudflare
etag: "615faafa-25d50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 691612412 690736628
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 __utm.gif
orientaldaily.on.cc/img/ Frame B04B 35 B
217 B 224ms
223ms Image
image/gif 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/__utm.gif?utmwv=1&utmn=1468056196&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E5%BB%A3%E5%91%8A%20-%20%E6%9D%B1%E6%96%B9%E6%97%A5%E5%A0%B1&utmhn=orientaldaily.on.cc&utmr=0&utmp=https://orientaldaily.on.cc/js/v3/iframe_ysm_utf8.html?device=desktop&section=finance&url=https%253A%252F%252Forientaldaily.on.cc%252Fcontent%252F%2525E7%252594%2525A2%2525E7%2525B6%252593%252Fodn-20220630-0630_00202_035%252F%2525E6%2525B8%2525A3%2525E6%252589%252593%2525E6%252593%2525AC%2525E5%252586%25258D%2525E6%252595%2525B4%2525E5%252590%252588%2525E5%25258D%2525B0%2525E5%2525BA%2525A6%2525E8%2525B2%2525B8%2525E6%2525AC%2525BE
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/iframe_ysm_utf8.html?device=desktop&section=finance&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/js/v3/iframe_ysm_utf8.html?device=desktop&section=finance&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: DYNAMIC
x-cacheable: NO:Not Cacheable
age: 0
content-type: image/gif
content-length: 35
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 17 Nov 2010 02:43:06 GMT
server: cloudflare
etag: "23-49536a2074280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language: zh-TW
x-varnish: 98921297
cache-control: no-store, max-age=0
accept-ranges: bytes
cf-ray: 7236074138bc9279-FRA
expires: Thu, 30 Jun 2022 10:05:48 GMT

GET
H2 200 ic_s_up_on_32.png
orientaldaily.on.cc/img/v3/ 4 KB
4 KB 216ms
215ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ic_s_up_on_32.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93a39183c6ae715636ed25fd02d5a1afa92f61c780979f6f48c80b5d4c7482f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-content.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: L08
content-type: image/png
content-length: 3819
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Jul 2021 11:23:28 GMT
server: cloudflare
etag: "eeb-5c65e88ce4c00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 48860071
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7236074138bd9279-FRA
expires: Thu, 30 Jun 2022 08:12:36 GMT

GET
H2 200 ic_s_down_on_32.png
orientaldaily.on.cc/img/v3/ 4 KB
4 KB 286ms
285ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orientaldaily.on.cc/img/v3/ic_s_down_on_32.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/css/v3/odn-content.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b50c0a0deb95f235d8a83870eabda247bec8c7c86231c3e47954e328ff1e711d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/css/v3/odn-content.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: L07
content-type: image/png
content-length: 3825
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 05 Jul 2021 11:23:35 GMT
server: cloudflare
etag: "ef1-5c65e89391bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: zh-TW
x-varnish: 188929677 195014765
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
cf-ray: 7236074138be9279-FRA
expires: Thu, 30 Jun 2022 08:12:10 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B0FD 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DaoJfe99x5qtTA5z2H-_9ySvpy__szjTGnz_Q9eTkc0re05XqbsyIMZ362AcZliVMn4YxJK2n7VfuDJvb9ssbn-CqZbAwpUwulOuCec6nWGxZGvis

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=90&slotname=4687187148&adk=190292511&adf=3572679136&pi=t.ma~as.4687187148&w=728&lmt=1656582947&psa=0&format=728x90&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656582947655&bpp=9&bdt=5383&idt=9&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46f1c4f1af7d2b8e-222913e4c2cd0005%3AT%3D1656582944%3AS%3DALNI_MbrsauRIB-DaQfLBc2VJDcMTiIQJw&prev_fmts=0x0&nras=1&correlator=5216671937182&frm=20&pv=1&ga_vid=1106156460.1656582945&ga_sid=1656582945&ga_hid=1738100419&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067528&oid=2&pvsid=1096025088954002&tmod=616171689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&fsb=1&xpc=mP2XPgQQfY&p=https%3A//orientaldaily.on.cc&dtd=24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame B0FD 3 KB
1 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:42:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B0FD 138 KB
43 KB 63ms
27ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 09:55:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame B0FD 17 KB
8 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:53:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B0FD 0
0 30ms
14ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRBj_yltoL7T5G4CjtSEEP2Z-h5yyDODAJ3f2BNue77Jn_yr7_mS1w_A4LFTkFBFyunxgcAoPYVlXAAHiEYDMwzxPLq-Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=90&slotname=4687187148&adk=190292511&adf=3572679136&pi=t.ma~as.4687187148&w=728&lmt=1656582947&psa=0&format=728x90&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656582947655&bpp=9&bdt=5383&idt=9&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46f1c4f1af7d2b8e-222913e4c2cd0005%3AT%3D1656582944%3AS%3DALNI_MbrsauRIB-DaQfLBc2VJDcMTiIQJw&prev_fmts=0x0&nras=1&correlator=5216671937182&frm=20&pv=1&ga_vid=1106156460.1656582945&ga_sid=1656582945&ga_hid=1738100419&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067528&oid=2&pvsid=1096025088954002&tmod=616171689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&fsb=1&xpc=mP2XPgQQfY&p=https%3A//orientaldaily.on.cc&dtd=24
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E550 624 B
297 B 18ms
18ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXxXe3UL3HJu_O0XMhOQwfrK3D2uDNjklBHKcuGnDL44PLOYalrmZZSIjME55g_zr-PXIuvO_O_xEIjVKv09Y9gGvLmwAkaNcWHj-Wa2d6ra1RnERHppsr8jG4sZ0pU98u4Kl6UjSopsUQlRSco8KukgxEg6df_5eRr5eyXvwMKZWlUGXs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=90&slotname=4687187148&adk=190292511&adf=3572679136&pi=t.ma~as.4687187148&w=728&lmt=1656582947&psa=0&format=728x90&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656582947655&bpp=9&bdt=5383&idt=9&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46f1c4f1af7d2b8e-222913e4c2cd0005%3AT%3D1656582944%3AS%3DALNI_MbrsauRIB-DaQfLBc2VJDcMTiIQJw&prev_fmts=0x0&nras=1&correlator=5216671937182&frm=20&pv=1&ga_vid=1106156460.1656582945&ga_sid=1656582945&ga_hid=1738100419&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067528&oid=2&pvsid=1096025088954002&tmod=616171689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&fsb=1&xpc=mP2XPgQQfY&p=https%3A//orientaldaily.on.cc&dtd=24
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:55:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B0FD 76 KB
32 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CA5koGKyn1wzfX5HbksUx_F8gX6DdkHVjhL1AC43hTX2gdJPUZwL9UAGjexBliiplvYT93LfruKznH07AlF6jpvQynPg&cry=1&dbm_d=AKAmf-BGOQWYOgGg_LWYMe41pmbY1xjc-JKC7OeuUGgq43yaJpWhbkq8jA-iiiZJI4LJmw2QpRmj9JY1vAgjLWie3GTdT9eIWok9U-APHuT0ISiFlVBoCm0N6IFChdYXIuuVcZVG20tuoZKnZtQE5v5z3IMTz8Pp-2vbPvvYaJOrWdp9pQ_j_DQvz_qGN13dzUpXsWju3lc8tkHiyZPoXZceoxjZVmsomwEyCdtCZjxyHbe61o9GwqDX1zD4EJuKmgGc7sDTJ4e5q41_eUs75q_rhh-M6Y4w0NtC9CYbRa31TLA4bOka5RRL4RBpKKL9l4yom9BtEtF_jwyHfva_DxU6vC664qsLTHKJanu4pQzIjF6yEuLTw7rifjNx7UR86c0Ia3GMzSxAjkVVUotdrQFCBxdWukchCLxz08JFrn2h_88B9g4IKvONwD1HgwrwjqYNgSwbUhjv2ZR6jl2Id6o-NpM_YOP5ByXo_NwvZcxNSXpOuNl0GXl2CnVryVq9XRy00WB_zR2bn-FeH7rUyxvlk6KVa2Vwl1VGnz3CbkjdAtpO9_oqWXWbZpYqyVK8Vk3FIoNEC5naUvBhyrKhjCs5hEAbG7RBcOK7l2j973bXEIvxiZ5TEmUVkIfNbmvGs-CP--jWrBOkPvYGfwb0sD5ehmYmhEG4AdlvNzX9Oc4lQc4GHSd1IkQjfJuqT1BD42Ef3xd82l927_TIkPorW_Gof6ulSjf_hBmKaamYkOwA_UoxIehZyDN0SCtrkbLpgh-UttXLrwD72xZBCoBnO9rsekB9nLbzohKkYWmIYVBsctLzE7Wfqx7YVKktRVy9cCjTNqDXGPVjprUlvn0f21dHDrZbjMAnn_BGG-9rqoreNBOkHIy-zC9nic4Dtg3X3TV_92dQZjKkf1MqFSUmth1wpdIlHQ0ifk6KwGQ1lCd0erKTALSEU6s7cO6jTnCAMyLc-2wcRfFiGO6oZTL4q74yBv8rxFxb92Jqv44K0LgiY5eEeKyiz_p3wkzcS6mKRyovvDK7vfEsq029CsnYsdskvMcMnQTuI7zKKAnKMqMKCnmxcgsyXWkRC9YcMhz1CCun7G4h1HjrtN0-17Df7UIdwfONzIZzoZAN4znXA-WOLngcq1xr3aU3_Yn3Ls702F2ysJGPuyiWeKD5t10GDveRbfUqOWgnnukSE2inv1-iyT-__UZFoR_3aASpdg0OZy107CIWZUoYZ4xH163o6um_tCvS65XAWXluSq3obcBGgrhewTOd9Faxz-O9Lud4S83dBecDSJVorKuvQqDfGYgaljcphkFjwW7D4EB-yrfS7CsV1wPUAU1pvmtTCJ3FY2Yxzd3q4EU7AaiR_bbN9wbTHDN_DqRVhN5cn2e_V6n1j1FtlA3BPe6R0RYukQ9U55p9aLqNmdcY3KPYyWt_mQr8bjSDxTAp_MEcvoo2A3tnEeKzNKB65Uel1XlF6kWzGoLDkT5JgXu_MhdCO5UcuHV1jDRih3D431-MjBYtyrZbBhst95NTFqVnbKucd5b5lQ7_wYbB5NHF3fWZMymIfZ7Wo_5k_G5jwvpvp2howeQSTGXGwAIrACp5ju7tNAt176Y43Ld4ECQGHcZmF-7XxJvPN2ftfHsbOVrUGnJsTyZY5inDZveBH8ngKy42HgtxUegTpDrSpZictBD9M5i1OJjjqiHJ-6VwS-klbOrl2r-XJVek-sRL81IL4SVFZNVn3ifQWAiOu8XBb4Z-LNvpvTW_5moatCmiqDoVA-Rqb66SAQUhk2_81SIWssZm4ew25uphLmfJRa6cfEFmkQALhWpxwaJ4IZSAFnRUqFEDINVdx_0rj9SiL_-Nz1l5nLvUUgi-BV95lPN2HxUdWMaj0YEI5FNRIT-LVe7SmuUGpgEP30VBcGf3ztzAdnb8qf5KgRbLjCEnzeXug3nhuryRyzfD0g_zxLCAAlabgbdSxa_gE2KsvoyNnB86PNtYoqqlv_NYobywkPyApTuHp0U_QKWak-SIIGprZFeKImHdKIPp5mXcDtI-xUZvOTu5xu2dSMGBMW7UAY-A8zv5eoUNNWgrNLJHdR4aHSiTzKRHcEirzeb-LgeZndEX5TWFgRAsEG9-RwolHLL12CA_IDVjwRWScGnUg3U_TD9kRV5dFgGSxwTigQh31yGaVp61Kp30JTPYWUzPelECaCHB5hKKqXTADh7AF9HKOIfXB7iO-d3-fK3cJLtT3RxYAF2JMGzjUxVCSgjfTQzWW_jn701P5xAksdxMngL2sT7SoLYEsPMMeLiKROhqB5KLmB9wej91DhINQRouY95VlfrkJVrleeOJ0_q5BsbppDJyGVpFoRLEZqITiNHl-k3bDHHsKsDUDw1mmrEaKXA5eUkxH4LbbC-3zUCw3agk8GD05bC8_bfQc3uOWfm0evpUhIZPpY_SwhiLrEfSZBQvHrgkd3rruFCbPKkbxLzI9Bv9d1JO7I0hDx41oBk-yvteaMXJn4VxFuSYRR3EI7bwKRDmPkJfMnFs4Poy3A7RbJBWFq1eK2qkq4vOIWAmMfwjyk4wvMnyuulMOycnt16-mvJE4RWEPcOzAeTPcrGBauGMdGNBmtP9uV8OLiSad9QnoVQ1-xvMclkXykJ4UACn6VS-rS9NH88TOBS5qJFCPk0obuW7a7CU8MZn2bGgNwP2hxU8avn9-5gwgQVWJLrLPzuAI4Rm-IXOiYjyoHPmc4VbpRL_hDZk4GtKZE3vqBiKkMICZCwIobGjnNx68R0hVYXZVlEZwD3E78-6JlBdm6td05xsjJlqduT9rTXZVjH8Xtlqx0WDTUIW5eJXysovsWcpeA1FDu_AfSjtLiKo6J9xfriE9e2syhaH99I6iLQjTSJqUOYL0tbxIdATgLTDcJSqDFN1npXRm9kRcoAvZ2x59bxKvsFwo_A9-1YmCHgvKmcE5b6PqA-yRWkgDX4dYL_WtrMFoUz9eQZ6SSzLI_PPilDqeAPLsTVpIaX8VaEAC-PsBkQFTBlGR_6zxCttZuYVCULvejpFQF-5FlWV1fWC5EFtZc8LXQOuqkaebeya8M22aY0DAvFV6ty0CxDKMR6vRxVBu6m8pXWFHFqS_GbBVsJq6-dYe_Vse7wjd4lAvbQmhUwQu3TfBTWRM3i3P7idLCm0XvnIb_mIWcH3_DyCVwdecxVCh-hA1jc21OAREgzVm4YYGmMZk08v6cdfUFP5lad_TmJDMc2zWWxc-Wb_m7RZOUjOrQgTwaRFQmCRgrBue766-CLXgPYg3BiNJk86UZh2IEASPP3ygFe-FGaW0tEXaV6j57kh0TaHfr1tGMJEoEzLQVEvi38e1jPpfWaWTQNEp66RsnFmnW72V0FI0bUawocEwGSU4xO4vRIzr_HYhDGNma-pPOP9agy2&cid=CAASJORo8pxd3GFkI4Zcy6BEhuS9e9AO3Z7IDtvS65xHxlMXXnl98g&rfl=1%2Chttps%253A%252F%252Forientaldaily.on.cc%252Fcontent%252F%2525E7%252594%2525A2%2525E7%2525B6%252593%252Fodn-20220630-0630_00202_035%252F%2525E6%2525B8%2525A3%2525E6%252589%252593%2525E6%252593%2525AC%2525E5%252586%25258D%2525E6%252595%2525B4%2525E5%252590%252588%2525E5%25258D%2525B0%2525E5%2525BA%2525A6%2525E8%2525B2%2525B8%2525E6%2525AC%2525BE%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50d359761c4834fd8c9361e73dd7e24af94f288c6e073443f11b78cff1f0747d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=90&slotname=4687187148&adk=190292511&adf=3572679136&pi=t.ma~as.4687187148&w=728&lmt=1656582947&psa=0&format=728x90&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656582947655&bpp=9&bdt=5383&idt=9&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46f1c4f1af7d2b8e-222913e4c2cd0005%3AT%3D1656582944%3AS%3DALNI_MbrsauRIB-DaQfLBc2VJDcMTiIQJw&prev_fmts=0x0&nras=1&correlator=5216671937182&frm=20&pv=1&ga_vid=1106156460.1656582945&ga_sid=1656582945&ga_hid=1738100419&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067528&oid=2&pvsid=1096025088954002&tmod=616171689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&fsb=1&xpc=mP2XPgQQfY&p=https%3A//orientaldaily.on.cc&dtd=24
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32972
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E550
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDUcE7uqXpjvsbXBzyigMIk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDUcE7uqXpjvsbXBzyigMIk&google_cver=1&C=1

43 B
906 B

28ms
28ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDUcE7uqXpjvsbXBzyigMIk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXxXe3UL3HJu_O0XMhOQwfrK3D2uDNjklBHKcuGnDL44PLOYalrmZZSIjME55g_zr-PXIuvO_O_xEIjVKv09Y9gGvLmwAkaNcWHj-Wa2d6ra1RnERHppsr8jG4sZ0pU98u4Kl6UjSopsUQlRSco8KukgxEg6df_5eRr5eyXvwMKZWlUGXs
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 723607429e8c9b92-FRA
pragma: no-cache
date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9gEg%2B1bubnFThza%2BFAI08PUyDrgYHhM46OhAF0pW9BpskW8rM5cBFEld28coxoOg6w%2Frpsu6fW0x7a2GhFxt7mpAvbvGt0mNJa9YjoRSDNYst8PogQzAaFOgLq8nj8a7hdxLfqpuGqHJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1pnXzq6qML2TsX%2B1P%2FaPSRi%2B0xtlTRDLqYn%2BcQr91n3nV67neub2yIGpHeGJfo%2BnXRyNcDD%2FrkWOlGc1m5mo4b18EABLfhpMP%2F8omv0llPTwUN3H6vpWzp6g%2BFp%2BX9wq%2F0KZpOfbwnbhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEDUcE7uqXpjvsbXBzyigMIk&google_cver=1&C=1
cache-control: no-cache
cf-ray: 723607425e6b9b28-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E550
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yr1zJClV1LElFqjpreatSwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDUcE7uqXpjvsbXBzyigMIk&google_cver=1

43 B
912 B

36ms
35ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDUcE7uqXpjvsbXBzyigMIk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXxXe3UL3HJu_O0XMhOQwfrK3D2uDNjklBHKcuGnDL44PLOYalrmZZSIjME55g_zr-PXIuvO_O_xEIjVKv09Y9gGvLmwAkaNcWHj-Wa2d6ra1RnERHppsr8jG4sZ0pU98u4Kl6UjSopsUQlRSco8KukgxEg6df_5eRr5eyXvwMKZWlUGXs
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 723607432f849b92-FRA
pragma: no-cache
date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkSxDFqQz%2FN32ddNWWrFDhTguAOTU%2F9%2FzMMVxTxccW5mxFR96bl5LWYTo7iPWeYRG2e8buVcRoPSYjdkxXezdRbnBfq%2BF34djZ77hYksvyOVWow5bqhaDbDXlCqu5VAcrcvmtoj2Ve8%2BKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDUcE7uqXpjvsbXBzyigMIk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E550
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGAPcmksY78uAMAYa_oazKE&google_cver=1

43 B
1016 B

21ms
14ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGAPcmksY78uAMAYa_oazKE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXxXe3UL3HJu_O0XMhOQwfrK3D2uDNjklBHKcuGnDL44PLOYalrmZZSIjME55g_zr-PXIuvO_O_xEIjVKv09Y9gGvLmwAkaNcWHj-Wa2d6ra1RnERHppsr8jG4sZ0pU98u4Kl6UjSopsUQlRSco8KukgxEg6df_5eRr5eyXvwMKZWlUGXs

Protocol

HTTP/1.1

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 09:55:48 GMT
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 17a65514-fdad-42e5-9680-1ac9d09776da
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGAPcmksY78uAMAYa_oazKE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E550
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ2NjM3NDcxNTg5MzUzMjg3MA%3D%3D

170 B
188 B

40ms
25ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ2NjM3NDcxNTg5MzUzMjg3MA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 09:55:48 GMT
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: eb286bb4-fd52-4511-ab2c-5236e031ecb8
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ2NjM3NDcxNTg5MzUzMjg3MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame B0FD 106 KB
38 KB 42ms
7ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Jul 2022 09:09:21 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/elements/html/ Frame B0FD 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CA5koGKyn1wzfX5HbksUx_F8gX6DdkHVjhL1AC43hTX2gdJPUZwL9UAGjexBliiplvYT93LfruKznH07AlF6jpvQynPg&cry=1&dbm_d=AKAmf-BGOQWYOgGg_LWYMe41pmbY1xjc-JKC7OeuUGgq43yaJpWhbkq8jA-iiiZJI4LJmw2QpRmj9JY1vAgjLWie3GTdT9eIWok9U-APHuT0ISiFlVBoCm0N6IFChdYXIuuVcZVG20tuoZKnZtQE5v5z3IMTz8Pp-2vbPvvYaJOrWdp9pQ_j_DQvz_qGN13dzUpXsWju3lc8tkHiyZPoXZceoxjZVmsomwEyCdtCZjxyHbe61o9GwqDX1zD4EJuKmgGc7sDTJ4e5q41_eUs75q_rhh-M6Y4w0NtC9CYbRa31TLA4bOka5RRL4RBpKKL9l4yom9BtEtF_jwyHfva_DxU6vC664qsLTHKJanu4pQzIjF6yEuLTw7rifjNx7UR86c0Ia3GMzSxAjkVVUotdrQFCBxdWukchCLxz08JFrn2h_88B9g4IKvONwD1HgwrwjqYNgSwbUhjv2ZR6jl2Id6o-NpM_YOP5ByXo_NwvZcxNSXpOuNl0GXl2CnVryVq9XRy00WB_zR2bn-FeH7rUyxvlk6KVa2Vwl1VGnz3CbkjdAtpO9_oqWXWbZpYqyVK8Vk3FIoNEC5naUvBhyrKhjCs5hEAbG7RBcOK7l2j973bXEIvxiZ5TEmUVkIfNbmvGs-CP--jWrBOkPvYGfwb0sD5ehmYmhEG4AdlvNzX9Oc4lQc4GHSd1IkQjfJuqT1BD42Ef3xd82l927_TIkPorW_Gof6ulSjf_hBmKaamYkOwA_UoxIehZyDN0SCtrkbLpgh-UttXLrwD72xZBCoBnO9rsekB9nLbzohKkYWmIYVBsctLzE7Wfqx7YVKktRVy9cCjTNqDXGPVjprUlvn0f21dHDrZbjMAnn_BGG-9rqoreNBOkHIy-zC9nic4Dtg3X3TV_92dQZjKkf1MqFSUmth1wpdIlHQ0ifk6KwGQ1lCd0erKTALSEU6s7cO6jTnCAMyLc-2wcRfFiGO6oZTL4q74yBv8rxFxb92Jqv44K0LgiY5eEeKyiz_p3wkzcS6mKRyovvDK7vfEsq029CsnYsdskvMcMnQTuI7zKKAnKMqMKCnmxcgsyXWkRC9YcMhz1CCun7G4h1HjrtN0-17Df7UIdwfONzIZzoZAN4znXA-WOLngcq1xr3aU3_Yn3Ls702F2ysJGPuyiWeKD5t10GDveRbfUqOWgnnukSE2inv1-iyT-__UZFoR_3aASpdg0OZy107CIWZUoYZ4xH163o6um_tCvS65XAWXluSq3obcBGgrhewTOd9Faxz-O9Lud4S83dBecDSJVorKuvQqDfGYgaljcphkFjwW7D4EB-yrfS7CsV1wPUAU1pvmtTCJ3FY2Yxzd3q4EU7AaiR_bbN9wbTHDN_DqRVhN5cn2e_V6n1j1FtlA3BPe6R0RYukQ9U55p9aLqNmdcY3KPYyWt_mQr8bjSDxTAp_MEcvoo2A3tnEeKzNKB65Uel1XlF6kWzGoLDkT5JgXu_MhdCO5UcuHV1jDRih3D431-MjBYtyrZbBhst95NTFqVnbKucd5b5lQ7_wYbB5NHF3fWZMymIfZ7Wo_5k_G5jwvpvp2howeQSTGXGwAIrACp5ju7tNAt176Y43Ld4ECQGHcZmF-7XxJvPN2ftfHsbOVrUGnJsTyZY5inDZveBH8ngKy42HgtxUegTpDrSpZictBD9M5i1OJjjqiHJ-6VwS-klbOrl2r-XJVek-sRL81IL4SVFZNVn3ifQWAiOu8XBb4Z-LNvpvTW_5moatCmiqDoVA-Rqb66SAQUhk2_81SIWssZm4ew25uphLmfJRa6cfEFmkQALhWpxwaJ4IZSAFnRUqFEDINVdx_0rj9SiL_-Nz1l5nLvUUgi-BV95lPN2HxUdWMaj0YEI5FNRIT-LVe7SmuUGpgEP30VBcGf3ztzAdnb8qf5KgRbLjCEnzeXug3nhuryRyzfD0g_zxLCAAlabgbdSxa_gE2KsvoyNnB86PNtYoqqlv_NYobywkPyApTuHp0U_QKWak-SIIGprZFeKImHdKIPp5mXcDtI-xUZvOTu5xu2dSMGBMW7UAY-A8zv5eoUNNWgrNLJHdR4aHSiTzKRHcEirzeb-LgeZndEX5TWFgRAsEG9-RwolHLL12CA_IDVjwRWScGnUg3U_TD9kRV5dFgGSxwTigQh31yGaVp61Kp30JTPYWUzPelECaCHB5hKKqXTADh7AF9HKOIfXB7iO-d3-fK3cJLtT3RxYAF2JMGzjUxVCSgjfTQzWW_jn701P5xAksdxMngL2sT7SoLYEsPMMeLiKROhqB5KLmB9wej91DhINQRouY95VlfrkJVrleeOJ0_q5BsbppDJyGVpFoRLEZqITiNHl-k3bDHHsKsDUDw1mmrEaKXA5eUkxH4LbbC-3zUCw3agk8GD05bC8_bfQc3uOWfm0evpUhIZPpY_SwhiLrEfSZBQvHrgkd3rruFCbPKkbxLzI9Bv9d1JO7I0hDx41oBk-yvteaMXJn4VxFuSYRR3EI7bwKRDmPkJfMnFs4Poy3A7RbJBWFq1eK2qkq4vOIWAmMfwjyk4wvMnyuulMOycnt16-mvJE4RWEPcOzAeTPcrGBauGMdGNBmtP9uV8OLiSad9QnoVQ1-xvMclkXykJ4UACn6VS-rS9NH88TOBS5qJFCPk0obuW7a7CU8MZn2bGgNwP2hxU8avn9-5gwgQVWJLrLPzuAI4Rm-IXOiYjyoHPmc4VbpRL_hDZk4GtKZE3vqBiKkMICZCwIobGjnNx68R0hVYXZVlEZwD3E78-6JlBdm6td05xsjJlqduT9rTXZVjH8Xtlqx0WDTUIW5eJXysovsWcpeA1FDu_AfSjtLiKo6J9xfriE9e2syhaH99I6iLQjTSJqUOYL0tbxIdATgLTDcJSqDFN1npXRm9kRcoAvZ2x59bxKvsFwo_A9-1YmCHgvKmcE5b6PqA-yRWkgDX4dYL_WtrMFoUz9eQZ6SSzLI_PPilDqeAPLsTVpIaX8VaEAC-PsBkQFTBlGR_6zxCttZuYVCULvejpFQF-5FlWV1fWC5EFtZc8LXQOuqkaebeya8M22aY0DAvFV6ty0CxDKMR6vRxVBu6m8pXWFHFqS_GbBVsJq6-dYe_Vse7wjd4lAvbQmhUwQu3TfBTWRM3i3P7idLCm0XvnIb_mIWcH3_DyCVwdecxVCh-hA1jc21OAREgzVm4YYGmMZk08v6cdfUFP5lad_TmJDMc2zWWxc-Wb_m7RZOUjOrQgTwaRFQmCRgrBue766-CLXgPYg3BiNJk86UZh2IEASPP3ygFe-FGaW0tEXaV6j57kh0TaHfr1tGMJEoEzLQVEvi38e1jPpfWaWTQNEp66RsnFmnW72V0FI0bUawocEwGSU4xO4vRIzr_HYhDGNma-pPOP9agy2&cid=CAASJORo8pxd3GFkI4Zcy6BEhuS9e9AO3Z7IDtvS65xHxlMXXnl98g&rfl=1%2Chttps%253A%252F%252Forientaldaily.on.cc%252Fcontent%252F%2525E7%252594%2525A2%2525E7%2525B6%252593%252Fodn-20220630-0630_00202_035%252F%2525E6%2525B8%2525A3%2525E6%252589%252593%2525E6%252593%2525AC%2525E5%252586%25258D%2525E6%252595%2525B4%2525E5%252590%252588%2525E5%25258D%2525B0%2525E5%2525BA%2525A6%2525E8%2525B2%2525B8%2525E6%2525AC%2525BE%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:49:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/ Frame B0FD 27 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:51:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:51:27 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B0FD 41 KB
15 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 06:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 06:00:13 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3BF3 1 KB
749 B 9ms
8ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14524
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Fri, 01 Jul 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B0FD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1af29bc4964ee522fe490a84a5033cafabef63b6f71e5a9e79b3a7d84b60ef6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bkn-20220630151705577-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 57 KB
58 KB 22ms
21ms Image
image/jpeg 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630151705577-0630_00842_001_01s.jpg?20220630154203
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a2ed5c3aaca816b771346b5324c8789fd85d57856a98d5ff07290a19f1b95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 0
cf-ray: 72360742ba4e9279-FRA
content-length: 58823
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 07:41:46 GMT
server: cloudflare
etag: "62bd53ba-e5c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 433375356
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bkn-20220630115801289-0630_00842_001_01s.jpg
hk.on.cc/hk/bkn/cnt/finance/20220630/photo/ 76 KB
76 KB 22ms
22ms Image
image/jpeg 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/hk/bkn/cnt/finance/20220630/photo/bkn-20220630115801289-0630_00842_001_01s.jpg?20220630125327
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4c9e237182baafe9273e1a0dbe7f8b6814c885a11c842fc879b0939c74cdccd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 0
cf-ray: 72360742ba509279-FRA
content-length: 77621
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jun 2022 04:53:05 GMT
server: cloudflare
etag: "62bd2c31-12f35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 420585680
cache-control: public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EC59 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 242278
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 14:37:50 GMT
expires: Tue, 27 Jun 2023 14:37:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15374167833468129461/728x90/ Frame FAC2 4 KB
1 KB 26ms
7ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57f20f65a10867616695b8f240166303c0376e91df1a7fc4d4bf6789f541fcc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 158218
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1391
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 13:58:50 GMT
expires: Wed, 28 Jun 2023 13:58:50 GMT
last-modified: Thu, 09 Jun 2022 11:56:45 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B0FD 0
623 B 93ms
57ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuB1iEssLSl86tV_kRkdeYKCO4C6yuZTwJaPw4HCgTyVhfQKODyQzWzV5ZqMvjGJsriKO4fYBnLbwmmGL4MNT7pq_qrN6ztAMFa0ZhVkk26zpVA_uBvCU4cgW9UGYLwTc8tnwJCPySNzXQV6L9JcqJS6VHjRYLoBDQmJJjgDhsB_YA6nIGZdLX6q0PyYW7tIBK02WSzpkYxbFHUrHwM3KLQNxHAITX8FPL3tRxpLHth4ykcYN378ARE0M63HIzbGEzACMj9N1XPgG4V_bkcbbl5ft4JxPbggBKrsqPZor5zpPuPyWKdpfGsU9_ARZbGrbJbkoE8aFVTBUSQAwerxjKO27Brxh8XNZ7_ZY6pBVf8VZvABmKvOrUnb9qe9JI3EeJ_nFj8V_wDKVoUttuod1dWNICIBF-hKP4J2v5Wn9UZsGlA8OdzHcb_iaUCEWSmMWdfgKezkPoOryPK0Hfyx2wK33FJ2Zes8enLVtzq8lhthjJWNIWs8RB6FXdV2jboyWdpreAWGtOOsY3wrPGSqCHRT3liIr7wFordEKUPg5WTGYjRlTJbnKKMlDZlsUMpTQZZIsK-D5eiPjBMHYLhdgm0-NE1gRNmActWhhJvKwP4wiFDHjlN2hANvRvQ7WF9f2PEtiHMcK1KqxuljArwBjCah1YUfjfRLEubyca1DpbMsW2yV-3QQIzi1tM_q-gVEV3qJfHm97U-AqPCjufa3P7eIfe1OH41rjs-1cC9fBDJMcQ23jivT5S_TpDb8SupDxfDnM0AJsSmWeMMB0PX2fCUqBT5chteBj10B1Rh56yvyh29dAsq1K7YDnCUIXjrqW7KePeJiSWFdkfRoaCekHKza9bu0l9RyWK-0uY13hortCB1BQ_ATUprBrbKfZOaquvKeyPVEWDeSoPFcIdLxcZPUqJYPtDq2xpNkgdR_A6w2-1g4y7jDaeZPgbNdFuPwp7yfkuKlssLIYr4xFQ5vltjmw-DYnRagko4gJU4cgowuS878DTznzIlgigr7eTfxtB-YeClFaAj2OKJPKYa03DU9zg8ksBUmsC_UJ5VHdLNId5_VsDO-4z5ND9Wf-1E1V7r-9zPsweMmtfHSwWmzS7ntmgutPklmU9Rm0Zxx3uHM513mdsf91nvVfgaafsansE1Phu3y4wHfTo2aESJLx1KsYnqbwWN7bYMZbvEFchBrQ5qT_drZSgvOm2LN1220OAojpf0w4AVn3R_-GDiVm0c6Koc1xLD&sai=AMfl-YQZEUr03vOv8MKs5aKSLyJsmoYKJOp71OSIu-tPCVGKlPpxG6W-ocv3RTyqp0gZSHLwgIwxZMpdyrVOwg01eY09l9-_cAifmZihruuHYRRrDbjzOIjco6ZvXZ4qQtwvgRPqNUa2Yw7ngMQfpN6bD2BUxEujL2ZLQKlZNUwLRjGVamI8145WqwJJCQIsZWJq-2UWLKPv3jS_1A_yDXeU8g&sig=Cg0ArKJSzGPZsEkY4EmiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=123&cbvp=1&cstd=119&cisv=r20220628.85655&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 30 Jun 2022 09:55:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3BF3 35 B
465 B 35ms
9ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEME04EpZx5mJvMi1to62vdQ&google_cver=1&google_push=ARnp8GCVfLXyFkriXfFmI0RN9oYMNUp015aX2Y8Ug2HUc3Zjb_yFuVW59qJvGhd4Zs1dQFtzHEstWlTOujR8aFdjl-i2csNNhzIw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BF3
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GBfC1R5q8jja6zPExhO4AeQkmRvYPz-Q6Yqqwo...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXIxekpBQUFCQWdzMTJvSg&google_push=ARnp8GBfC1R5q8jja6zPExhO4AeQkmRvYPz-Q6Yqqwovlhc3OF6u0sTu4fNC3flW2mQBSTCwGOCwueQ37mfyQZm2-xTnZhyLWP7w

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXIxekpBQUFCQWdzMTJvSg&google_push=ARnp8GBfC1R5q8jja6zPExhO4AeQkmRvYPz-Q6Yqqwovlhc3OF6u0sTu4fNC3flW2mQBSTCwGOCwueQ37mfyQZm2-xTnZhyLWP7w

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXIxekpBQUFCQWdzMTJvSg&google_push=ARnp8GBfC1R5q8jja6zPExhO4AeQkmRvYPz-Q6Yqqwovlhc3OF6u0sTu4fNC3flW2mQBSTCwGOCwueQ37mfyQZm2-xTnZhyLWP7w
Date: Thu, 30 Jun 2022 09:55:48 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 3BF3 43 B
352 B 53ms
30ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIzXk0ykI50Ssn4poTkc4uQ&google_cver=1&google_push=ARnp8GDHLKbt_ilucb3BQQr2bH-NTKKQJlkTff1WdQ0mEnOqNPkMQRRomOCxbi4-noLvmZNCk4H7Kl9c1V00lzQWbtdAPenp-qkH
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=90&slotname=4687187148&adk=190292511&adf=3572679136&pi=t.ma~as.4687187148&w=728&lmt=1656582947&psa=0&format=728x90&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656582947655&bpp=9&bdt=5383&idt=9&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46f1c4f1af7d2b8e-222913e4c2cd0005%3AT%3D1656582944%3AS%3DALNI_MbrsauRIB-DaQfLBc2VJDcMTiIQJw&prev_fmts=0x0&nras=1&correlator=5216671937182&frm=20&pv=1&ga_vid=1106156460.1656582945&ga_sid=1656582945&ga_hid=1738100419&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067528&oid=2&pvsid=1096025088954002&tmod=616171689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&fsb=1&xpc=mP2XPgQQfY&p=https%3A//orientaldaily.on.cc&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:47 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: v143ph1rh3dlfep7r30l4aik4b4v1rvk

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BF3
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9UdDwewQSb6JP6wBoNtoPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9UdDwewQSb6JP6wBoNtoPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCbeM9DccMyO8a-F7ycGNvZNX3Tp3r0bKLvhNDGyF2gkkgGt_jrRJ8orMAKIOOjwlnLrb4gKq2OmNn0IL9akfGrRQIkFiGW

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9UdDwewQSb6JP6wBoNtoPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCbeM9DccMyO8a-F7ycGNvZNX3Tp3r0bKLvhNDGyF2gkkgGt_jrRJ8orMAKIOOjwlnLrb4gKq2OmNn0IL9akfGrRQIkFiGW
date: Thu, 30 Jun 2022 09:55:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BF3
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECExINWjOXZIerf8T5KDZRk&google_cver=1&google_push=ARnp8GCTaTLsJ4pqeD2BsNLCwCdBpv5-fJzR9p-apk95ZY7VKlZP7TVCtNxZN-081yf8_TdDe3U...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUwVVBSTzgtMS1FMDk3&google_push=ARnp8GCTaTLsJ4pqeD2BsNLCwCdBpv5-fJzR9p-apk95ZY7VKlZP7TVCtNxZN-081yf8_TdDe3URp9lTaaPZKRXEe9L-EhJalb4

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUwVVBSTzgtMS1FMDk3&google_push=ARnp8GCTaTLsJ4pqeD2BsNLCwCdBpv5-fJzR9p-apk95ZY7VKlZP7TVCtNxZN-081yf8_TdDe3URp9lTaaPZKRXEe9L-EhJalb4

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUwVVBSTzgtMS1FMDk3&google_push=ARnp8GCTaTLsJ4pqeD2BsNLCwCdBpv5-fJzR9p-apk95ZY7VKlZP7TVCtNxZN-081yf8_TdDe3URp9lTaaPZKRXEe9L-EhJalb4
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BF3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELl3__V4GDKLMUKQNwXLNKM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELl3__V4GDKLMUKQNwXLNKM&google_hm=Yr1zJClV1LElFqjpreatSwAABI0AAAAB&google_nid=index&google_push=ARnp8GD-MZuU1RlpJBaf1r8jqsPk2LUDtee2n...

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELl3__V4GDKLMUKQNwXLNKM&google_hm=Yr1zJClV1LElFqjpreatSwAABI0AAAAB&google_nid=index&google_push=ARnp8GD-MZuU1RlpJBaf1r8jqsPk2LUDtee2nH9j5z5osaypHqaC9YGw96MWue2ZKYOHuz0OGznz2sPus34DGhEcDi8SpXeX4_8

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZWvLmPlpuxTzZTz9L52n2ja%2BFCVH77iwZt8A6b0L9B0iq5E%2Blz0xKhltohZi9zoFvdR9vYommAOlCB0ODMMx%2F9K3Fhi6L%2BsbitwQUDsVbRM3L99%2FLgKTj8j5A%2F%2B4KK0Kgx7gKAi4nZbCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELl3__V4GDKLMUKQNwXLNKM&google_hm=Yr1zJClV1LElFqjpreatSwAABI0AAAAB&google_nid=index&google_push=ARnp8GD-MZuU1RlpJBaf1r8jqsPk2LUDtee2nH9j5z5osaypHqaC9YGw96MWue2ZKYOHuz0OGznz2sPus34DGhEcDi8SpXeX4_8
cache-control: no-cache
cf-ray: 723607434b7c9b1c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 3BF3 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3BF3 0
12 B 18ms
17ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JXX3PlicUW7cHg7TmcDOcb1YVIILHpLQv4VSr_IbnH7Zl8sDfwMrXDVd2DD9fojobihgQV1w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 style.css
s0.2mdn.net/sadbundle/15374167833468129461/728x90/css/ Frame FAC2 497 B
290 B 7ms
7ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98b97dd8a7deaa5deb5db189d2232c24ff1ef9364a85c6e4af58652f4acb3bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158218
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 261
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:50 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/15374167833468129461/728x90/images/ Frame FAC2 60 KB
60 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/images/bg1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62ac909c03d9849fe1bfd100483c096325c7b77b83d74e47f9bb3b9b71185511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:50 GMT
x-content-type-options: nosniff
age: 158218
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61463
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:50 GMT

GET
H3 200 legal.png
s0.2mdn.net/sadbundle/15374167833468129461/728x90/images/ Frame FAC2 2 KB
2 KB 16ms
9ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/images/legal.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c57c3c8bf23476c0db84136a9b39fc2201cb9a982eca4cea83889ff68d23f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:50 GMT
x-content-type-options: nosniff
age: 158218
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1604
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:50 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/sadbundle/15374167833468129461/728x90/images/ Frame FAC2 50 KB
50 KB 20ms
13ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/images/bg2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb15699b8ac25947f2e62253efbcd84f1b954478d0a440f57d53186797e1d1f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:50 GMT
x-content-type-options: nosniff
age: 158218
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51062
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:50 GMT

GET
H3 200 legal2.png
s0.2mdn.net/sadbundle/15374167833468129461/728x90/images/ Frame FAC2 1 KB
1 KB 18ms
11ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/images/legal2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3ebc2cee7a5b7b0a6babcc921f9afad143474933fc7171820c28f88270a7071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:50 GMT
x-content-type-options: nosniff
age: 158218
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1396
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:50 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/15374167833468129461/728x90/images/ Frame FAC2 8 KB
8 KB 21ms
14ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aec15f636c485f3f7cd334a15982cbe33e446aca7ac46a0271696ef26a05765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:50 GMT
x-content-type-options: nosniff
age: 158218
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8159
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:50 GMT

GET
H3 200 tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FAC2 105 KB
35 KB 26ms
19ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35824
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:01:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Jun 2022 09:55:48 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/15374167833468129461/728x90/js/ Frame FAC2 992 B
402 B 17ms
10ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/js/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f52f5aece8d04c4685806353fb7c9646225fcdd825d1ba36d50472e771da79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15374167833468129461/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158218
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 373
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:50 GMT

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame EC59 36 KB
13 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 09:10:06 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B0FD 0
26 B 58ms
43ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuB1iEssLSl86tV_kRkdeYKCO4C6yuZTwJaPw4HCgTyVhfQKODyQzWzV5ZqMvjGJsriKO4fYBnLbwmmGL4MNT7pq_qrN6ztAMFa0ZhVkk26zpVA_uBvCU4cgW9UGYLwTc8tnwJCPySNzXQV6L9JcqJS6VHjRYLoBDQmJJjgDhsB_YA6nIGZdLX6q0PyYW7tIBK02WSzpkYxbFHUrHwM3KLQNxHAITX8FPL3tRxpLHth4ykcYN378ARE0M63HIzbGEzACMj9N1XPgG4V_bkcbbl5ft4JxPbggBKrsqPZor5zpPuPyWKdpfGsU9_ARZbGrbJbkoE8aFVTBUSQAwerxjKO27Brxh8XNZ7_ZY6pBVf8VZvABmKvOrUnb9qe9JI3EeJ_nFj8V_wDKVoUttuod1dWNICIBF-hKP4J2v5Wn9UZsGlA8OdzHcb_iaUCEWSmMWdfgKezkPoOryPK0Hfyx2wK33FJ2Zes8enLVtzq8lhthjJWNIWs8RB6FXdV2jboyWdpreAWGtOOsY3wrPGSqCHRT3liIr7wFordEKUPg5WTGYjRlTJbnKKMlDZlsUMpTQZZIsK-D5eiPjBMHYLhdgm0-NE1gRNmActWhhJvKwP4wiFDHjlN2hANvRvQ7WF9f2PEtiHMcK1KqxuljArwBjCah1YUfjfRLEubyca1DpbMsW2yV-3QQIzi1tM_q-gVEV3qJfHm97U-AqPCjufa3P7eIfe1OH41rjs-1cC9fBDJMcQ23jivT5S_TpDb8SupDxfDnM0AJsSmWeMMB0PX2fCUqBT5chteBj10B1Rh56yvyh29dAsq1K7YDnCUIXjrqW7KePeJiSWFdkfRoaCekHKza9bu0l9RyWK-0uY13hortCB1BQ_ATUprBrbKfZOaquvKeyPVEWDeSoPFcIdLxcZPUqJYPtDq2xpNkgdR_A6w2-1g4y7jDaeZPgbNdFuPwp7yfkuKlssLIYr4xFQ5vltjmw-DYnRagko4gJU4cgowuS878DTznzIlgigr7eTfxtB-YeClFaAj2OKJPKYa03DU9zg8ksBUmsC_UJ5VHdLNId5_VsDO-4z5ND9Wf-1E1V7r-9zPsweMmtfHSwWmzS7ntmgutPklmU9Rm0Zxx3uHM513mdsf91nvVfgaafsansE1Phu3y4wHfTo2aESJLx1KsYnqbwWN7bYMZbvEFchBrQ5qT_drZSgvOm2LN1220OAojpf0w4AVn3R_-GDiVm0c6Koc1xLD&sai=AMfl-YQZEUr03vOv8MKs5aKSLyJsmoYKJOp71OSIu-tPCVGKlPpxG6W-ocv3RTyqp0gZSHLwgIwxZMpdyrVOwg01eY09l9-_cAifmZihruuHYRRrDbjzOIjco6ZvXZ4qQtwvgRPqNUa2Yw7ngMQfpN6bD2BUxEujL2ZLQKlZNUwLRjGVamI8145WqwJJCQIsZWJq-2UWLKPv3jS_1A_yDXeU8g&sig=Cg0ArKJSzGPZsEkY4EmiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=267&vt=11&dtpt=144&dett=3&cstd=119&cisv=r20220628.85655&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
559 B 423ms
112ms Script
application/javascript 52.207.58.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1656582948511&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoiIiwiY2hhbm5lbF9pZCI6InN0YW5kYXJkX3BjXzR4MiIsInRpbWVfc2hvd19zZWNvbmRzIjoxLCJyZXF1ZXN0X2FkIjoxNSwiZG1mIjoibSIsInJlc3BvbnNlX2FkIjo5LCJzbWphZCI6MCwiYXBpX2hvc3QiOiJoay5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJvcmllbnRhbGRhaWx5Lm9uLmNjX2hrIiwidXJsIjoiaHR0cHM6Ly9vcmllbnRhbGRhaWx5Lm9uLmNjL2NvbnRlbnQvJUU3JTk0JUEyJUU3JUI2JTkzL29kbi0yMDIyMDYzMC0wNjMwXzAwMjAyXzAzNS8lRTYlQjglQTMlRTYlODklOTMlRTYlOTMlQUMlRTUlODYlOEQlRTYlOTUlQjQlRTUlOTAlODglRTUlOEQlQjAlRTUlQkElQTYlRTglQjIlQjglRTYlQUMlQkUiLCJsb2dpZCI6IjczM2UyMTZiLTIxYTktNDAyMi04NWFiLThlYWE3OTBmMGNiNSIsInVpZCI6ImFhNjJjZDkzMTE5MDIyMTJlNWYxNjU2NTgyOTQ3MTY0IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiMGNjODg1ZWEtNWEzZi00MzA3LWE5NTAtMTIzNzIxMDk3MzU3IiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6Iua4o%2BaJk%2BaTrOWGjeaVtOWQiOWNsOW6puiyuOasviIsInRkX3VybCI6Imh0dHBzOi8vb3JpZW50YWxkYWlseS5vbi5jYy9jb250ZW50LyVFNyU5NCVBMiVFNyVCNiU5My9vZG4tMjAyMjA2MzAtMDYzMF8wMDIwMl8wMzUvJUU2JUI4JUEzJUU2JTg5JTkzJUU2JTkzJUFDJUU1JTg2JThEJUU2JTk1JUI0JUU1JTkwJTg4JUU1JThEJUIwJUU1JUJBJUE2JUU4JUIyJUI4JUU2JUFDJUJFIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDMuMC41MDYwLjUzIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6Im9yaWVudGFsZGFpbHkub24uY2MiLCJ0ZF9wYXRoIjoiL2NvbnRlbnQvJUU3JTk0JUEyJUU3JUI2JTkzL29kbi0yMDIyMDYzMC0wNjMwXzAwMjAyXzAzNS8lRTYlQjglQTMlRTYlODklOTMlRTYlOTMlQUMlRTUlODYlOEQlRTYlOTUlQjQlRTUlOTAlODglRTUlOEQlQjAlRTUlQkElQTYlRTglQjIlQjglRTYlQUMlQkUiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiIsImNsaWVudF9pZCI6IjBjYzg4NWVhLTVhM2YtNDMwNy1hOTUwLTEyMzcyMTA5NzM1NyIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiLnlKLntpMiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback0

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.207.58.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-58-221.compute-1.amazonaws.com

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:55:48 GMT
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Content-Length: 89
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript

GET
H/1.1 200
OK logo.png
api.popin.cc/images/ 2 KB
3 KB 258ms
258ms Image
image/png 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.popin.cc/images/logo.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:55:48 GMT
Last-Modified: Tue, 02 Apr 2019 12:00:56 GMT
Server: nginx
ETag: "b10c5c3579ba2dba39fd2804188dc3f1"
X-Cache-Status: HIT from 10.252.55.44
x-amz-version-id: null
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2316
Expires: Thu, 30 Jun 2022 10:55:48 GMT

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 268ms
268ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoxLCJhcGlfaG9zdCI6ImhrLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Im9yaWVudGFsZGFpbHkub24uY2NfaGsiLCJ1cmwiOiJodHRwczovL29yaWVudGFsZGFpbHkub24uY2MvY29udGVudC8lRTclOTQlQTIlRTclQjYlOTMvb2RuLTIwMjIwNjMwLTA2MzBfMDAyMDJfMDM1LyVFNiVCOCVBMyVFNiU4OSU5MyVFNiU5MyVBQyVFNSU4NiU4RCVFNiU5NSVCNCVFNSU5MCU4OCVFNSU4RCVCMCVFNSVCQSVBNiVFOCVCMiVCOCVFNiVBQyVCRSIsInVpZCI6ImFhNjJjZDkzMTE5MDIyMTJlNWYxNjU2NTgyOTQ3MTY0IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiMGNjODg1ZWEtNWEzZi00MzA3LWE5NTAtMTIzNzIxMDk3MzU3IiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IiIsInRkX3VybCI6Imh0dHBzOi8vb3JpZW50YWxkYWlseS5vbi5jYy9jb250ZW50LyVFNyU5NCVBMiVFNyVCNiU5My9vZG4tMjAyMjA2MzAtMDYzMF8wMDIwMl8wMzUvJUU2JUI4JUEzJUU2JTg5JTkzJUU2JTkzJUFDJUU1JTg2JThEJUU2JTk1JUI0JUU1JTkwJTg4JUU1JThEJUIwJUU1JUJBJUE2JUU4JUIyJUI4JUU2JUFDJUJFIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDMuMC41MDYwLjUzIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6Im9yaWVudGFsZGFpbHkub24uY2MiLCJ0ZF9wYXRoIjoiL2NvbnRlbnQvJUU3JTk0JUEyJUU3JUI2JTkzL29kbi0yMDIyMDYzMC0wNjMwXzAwMjAyXzAzNS8lRTYlQjglQTMlRTYlODklOTMlRTYlOTMlQUMlRTUlODYlOEQlRTYlOTUlQjQlRTUlOTAlODglRTUlOEQlQjAlRTUlQkElQTYlRTglQjIlQjglRTYlQUMlQkUiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDMuMC41MDYwIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6IjBjYzg4NWVhLTVhM2YtNDMwNy1hOTUwLTEyMzcyMTA5NzM1NyIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1656582948498
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:55:48 GMT
Last-Modified: Fri, 10 Jan 2020 11:34:08 GMT
Server: nginx/1.13.5
ETag: "5e186130-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK adlogs
log.popin.cc/log/popin_ads/ 66 B
347 B 262ms
260ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoiIiwiY2hhbm5lbF9pZCI6InN0YW5kYXJkX3BjXzR4MiIsInRpbWVfc2hvd19zZWNvbmRzIjoxLCJyZXF1ZXN0X2FkIjoxNSwiZG1mIjoibSIsInJlc3BvbnNlX2FkIjo5LCJzbWphZCI6MCwiYXBpX2hvc3QiOiJoay5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJvcmllbnRhbGRhaWx5Lm9uLmNjX2hrIiwidXJsIjoiaHR0cHM6Ly9vcmllbnRhbGRhaWx5Lm9uLmNjL2NvbnRlbnQvJUU3JTk0JUEyJUU3JUI2JTkzL29kbi0yMDIyMDYzMC0wNjMwXzAwMjAyXzAzNS8lRTYlQjglQTMlRTYlODklOTMlRTYlOTMlQUMlRTUlODYlOEQlRTYlOTUlQjQlRTUlOTAlODglRTUlOEQlQjAlRTUlQkElQTYlRTglQjIlQjglRTYlQUMlQkUiLCJsb2dpZCI6IjczM2UyMTZiLTIxYTktNDAyMi04NWFiLThlYWE3OTBmMGNiNSIsInVpZCI6ImFhNjJjZDkzMTE5MDIyMTJlNWYxNjU2NTgyOTQ3MTY0IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiMGNjODg1ZWEtNWEzZi00MzA3LWE5NTAtMTIzNzIxMDk3MzU3IiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6Iua4o+aJk+aTrOWGjeaVtOWQiOWNsOW6puiyuOasviIsInRkX3VybCI6Imh0dHBzOi8vb3JpZW50YWxkYWlseS5vbi5jYy9jb250ZW50LyVFNyU5NCVBMiVFNyVCNiU5My9vZG4tMjAyMjA2MzAtMDYzMF8wMDIwMl8wMzUvJUU2JUI4JUEzJUU2JTg5JTkzJUU2JTkzJUFDJUU1JTg2JThEJUU2JTk1JUI0JUU1JTkwJTg4JUU1JThEJUIwJUU1JUJBJUE2JUU4JUIyJUI4JUU2JUFDJUJFIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDMuMC41MDYwLjUzIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6Im9yaWVudGFsZGFpbHkub24uY2MiLCJ0ZF9wYXRoIjoiL2NvbnRlbnQvJUU3JTk0JUEyJUU3JUI2JTkzL29kbi0yMDIyMDYzMC0wNjMwXzAwMjAyXzAzNS8lRTYlQjglQTMlRTYlODklOTMlRTYlOTMlQUMlRTUlODYlOEQlRTYlOTUlQjQlRTUlOTAlODglRTUlOEQlQjAlRTUlQkElQTYlRTglQjIlQjglRTYlQUMlQkUiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDMuMC41MDYwIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6IjBjYzg4NWVhLTVhM2YtNDMwNy1hOTUwLTEyMzcyMTA5NzM1NyIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiLnlKLntpMiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1656582948513
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:55:48 GMT
Last-Modified: Thu, 13 Dec 2018 07:32:33 GMT
Server: nginx/1.13.5
ETag: "5c120b11-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H2 200 s.gif
r.popin.cc/ 35 B
187 B 778ms
255ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&uid=aa62cd9311902212e5f1656582947164&type=pc_pv&nid=pc&media=orientaldaily.on.cc_hk&r5=ca_%E7%94%A2%E7%B6%93|ch_cy_tw&t=1656582948513&tz=hk
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:49 GMT
last-modified: Tue, 10 Sep 2019 08:00:09 GMT
server: nginx
etag: "5d775809-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 263ms
261ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoiaGsucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoib3JpZW50YWxkYWlseS5vbi5jY19oayIsInVybCI6Imh0dHBzOi8vb3JpZW50YWxkYWlseS5vbi5jYy9jb250ZW50LyVFNyU5NCVBMiVFNyVCNiU5My9vZG4tMjAyMjA2MzAtMDYzMF8wMDIwMl8wMzUvJUU2JUI4JUEzJUU2JTg5JTkzJUU2JTkzJUFDJUU1JTg2JThEJUU2JTk1JUI0JUU1JTkwJTg4JUU1JThEJUIwJUU1JUJBJUE2JUU4JUIyJUI4JUU2JUFDJUJFIiwibG9naWQiOiI3MzNlMjE2Yi0yMWE5LTQwMjItODVhYi04ZWFhNzkwZjBjYjUiLCJ1aWQiOiJhYTYyY2Q5MzExOTAyMjEyZTVmMTY1NjU4Mjk0NzE2NCIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjBjYzg4NWVhLTVhM2YtNDMwNy1hOTUwLTEyMzcyMTA5NzM1NyIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLmuKPmiZPmk6zlho3mlbTlkIjljbDluqbosrjmrL4iLCJ0ZF91cmwiOiJodHRwczovL29yaWVudGFsZGFpbHkub24uY2MvY29udGVudC8lRTclOTQlQTIlRTclQjYlOTMvb2RuLTIwMjIwNjMwLTA2MzBfMDAyMDJfMDM1LyVFNiVCOCVBMyVFNiU4OSU5MyVFNiU5MyVBQyVFNSU4NiU4RCVFNiU5NSVCNCVFNSU5MCU4OCVFNSU4RCVCMCVFNSVCQSVBNiVFOCVCMiVCOCVFNiVBQyVCRSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAzLjAuNTA2MC41MyBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJvcmllbnRhbGRhaWx5Lm9uLmNjIiwidGRfcGF0aCI6Ii9jb250ZW50LyVFNyU5NCVBMiVFNyVCNiU5My9vZG4tMjAyMjA2MzAtMDYzMF8wMDIwMl8wMzUvJUU2JUI4JUEzJUU2JTg5JTkzJUU2JTkzJUFDJUU1JTg2JThEJUU2JTk1JUI0JUU1JTkwJTg4JUU1JThEJUIwJUU1JUJBJUE2JUU4JUIyJUI4JUU2JUFDJUJFIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTAzLjAuNTA2MCIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiIwY2M4ODVlYS01YTNmLTQzMDctYTk1MC0xMjM3MjEwOTczNTciLCJjb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImNhdGVnb3J5Ijoi55Si57aTIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1656582948513
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:55:48 GMT
Last-Modified: Fri, 10 Jan 2020 11:34:08 GMT
Server: nginx/1.13.5
ETag: "5e186130-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK other
inrecsys.popin.cc/PopinService/Logs/ 0
108 B 1114ms
273ms Image
text/plain 119.63.197.136
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIwY2M4ODVlYS01YTNmLTQzMDctYTk1MC0xMjM3MjEwOTczNTciLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5rij5omT5pOs5YaN5pW05ZCI5Y2w5bqm6LK45qy+IiwidGRfdXJsIjoiaHR0cHM6Ly9vcmllbnRhbGRhaWx5Lm9uLmNjL2NvbnRlbnQvJUU3JTk0JUEyJUU3JUI2JTkzL29kbi0yMDIyMDYzMC0wNjMwXzAwMjAyXzAzNS8lRTYlQjglQTMlRTYlODklOTMlRTYlOTMlQUMlRTUlODYlOEQlRTYlOTUlQjQlRTUlOTAlODglRTUlOEQlQjAlRTUlQkElQTYlRTglQjIlQjglRTYlQUMlQkUiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuNTMgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0Ijoib3JpZW50YWxkYWlseS5vbi5jYyIsInRkX3BhdGgiOiIvY29udGVudC8lRTclOTQlQTIlRTclQjYlOTMvb2RuLTIwMjIwNjMwLTA2MzBfMDAyMDJfMDM1LyVFNiVCOCVBMyVFNiU4OSU5MyVFNiU5MyVBQyVFNSU4NiU4RCVFNiU5NSVCNCVFNSU5MCU4OCVFNSU4RCVCMCVFNSVCQSVBNiVFOCVCMiVCOCVFNiVBQyVCRSIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiIyMTcuNjQuMTUxLjY5IiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwMy4wLjUwNjAiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiZGlzaF9jb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImtleSI6ImtleTE2NTY1ODI5NDcxNjUiLCJub3ciOjE2NTY1ODI5NDg1MTMsImNsaWVudF9pZCI6IjBjYzg4NWVhLTVhM2YtNDMwNy1hOTUwLTEyMzcyMTA5NzM1NyIsInVybCI6Imh0dHBzOi8vb3JpZW50YWxkYWlseS5vbi5jYy9jb250ZW50LyVFNyU5NCVBMiVFNyVCNiU5My9vZG4tMjAyMjA2MzAtMDYzMF8wMDIwMl8wMzUvJUU2JUI4JUEzJUU2JTg5JTkzJUU2JTkzJUFDJUU1JTg2JThEJUU2JTk1JUI0JUU1JTkwJTg4JUU1JThEJUIwJUU1JUJBJUE2JUU4JUIyJUI4JUU2JUFDJUJFIiwidWlkIjoiYWE2MmNkOTMxMTkwMjIxMmU1ZjE2NTY1ODI5NDcxNjQiLCJzbWpJZCI6IiIsImRldmljZSI6InBjIiwiZGlzaF9tZWRpYSI6Im9yaWVudGFsZGFpbHkub24uY2NfaGsiLCJkaXNoX2NhdGVnb3J5Ijoi55Si57aTIiwiZGlzaF9kb21haW4iOiJvcmllbnRhbGRhaWx5Lm9uLmNjIiwidl9kaXNoX2xhYmVscyI6IuW+t+aEj+W/l+mKgOihjCzljbDluqbnm6fmr5Qs5pS26LK75YWs6LevLOa4o+aJk+mKgOihjCzpoIXnm64s546755KD5Zmo55q/LOS4jeiJr+iyuOasvizmtojmga/kurrlo6ss6LOH55Si6YeN57WELOWbnuaUtueOhyzluLPmiLYs6Kqq5piO5paHLOe4veWAvCzlh7rllK4s5qWt5YuZLOWFrOi3ryzosrflrrYs5YK15YuZLOWMheaLrCzlo5Plipss5pWe5Y+jLOaXqeWJjSzpm4blnJgs6YOo5YiGLOePvumHkSzoqIjlioMs5YiG6KGMLOW4s+ebrizmlbTnkIYs6aCQ5LuYLOacrOmHkSzmjqXmiYss5pa55byPLOWFrOWPuCzllK7kuogs56u25qiZLOaTtOWkpyzlhJ/pgoQs6YKA6KuLLOaTrOWHuiznmbzlh7os5aCx6YGTLOWwi+aJvizmjIHnuows57WE5ZCILOW8lei/sCIsInZfZGlzaF90bGFiZWxzIjoi5Y2w5bqmLOiyuOasvizmuKPmiZMs5pW05ZCIIiwibG9naWQiOiI3MzNlMjE2Yi0yMWE5LTQwMjItODVhYi04ZWFhNzkwZjBjYjUiLCJhcGlfaG9zdCI6ImhrLnBvcGluLmNjIiwiZG9tYWluIjoib3JpZW50YWxkYWlseS5vbi5jYyIsInBvcGluX3ZlcnNpb24iOjZ9
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.63.197.136 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/plain

GET
H2 200 s.gif
r.popin.cc/ 35 B
187 B 778ms
256ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&uid=&type=pc_channel_pv&nid=pc&media=orientaldaily.on.cc_hk&r5=ca_%E7%94%A2%E7%B6%93|ch_standard_pc_4x2|ch_cy_tw&t=1656582948541&tz=hk
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:49 GMT
last-modified: Tue, 10 Sep 2019 08:00:09 GMT
server: nginx
etag: "5d775809-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 268ms
267ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJzdGFuZGFyZF9wY180eDIiLCJleHBlY3RlZF9hZCI6MywicmVuZGVyZWRfYWQiOjMsImFwaV9ob3N0IjoiaGsucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoib3JpZW50YWxkYWlseS5vbi5jY19oayIsInVybCI6Imh0dHBzOi8vb3JpZW50YWxkYWlseS5vbi5jYy9jb250ZW50LyVFNyU5NCVBMiVFNyVCNiU5My9vZG4tMjAyMjA2MzAtMDYzMF8wMDIwMl8wMzUvJUU2JUI4JUEzJUU2JTg5JTkzJUU2JTkzJUFDJUU1JTg2JThEJUU2JTk1JUI0JUU1JTkwJTg4JUU1JThEJUIwJUU1JUJBJUE2JUU4JUIyJUI4JUU2JUFDJUJFIiwibG9naWQiOiI3MzNlMjE2Yi0yMWE5LTQwMjItODVhYi04ZWFhNzkwZjBjYjUiLCJ1aWQiOiJhYTYyY2Q5MzExOTAyMjEyZTVmMTY1NjU4Mjk0NzE2NCIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjBjYzg4NWVhLTVhM2YtNDMwNy1hOTUwLTEyMzcyMTA5NzM1NyIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLmuKPmiZPmk6zlho3mlbTlkIjljbDluqbosrjmrL4iLCJ0ZF91cmwiOiJodHRwczovL29yaWVudGFsZGFpbHkub24uY2MvY29udGVudC8lRTclOTQlQTIlRTclQjYlOTMvb2RuLTIwMjIwNjMwLTA2MzBfMDAyMDJfMDM1LyVFNiVCOCVBMyVFNiU4OSU5MyVFNiU5MyVBQyVFNSU4NiU4RCVFNiU5NSVCNCVFNSU5MCU4OCVFNSU4RCVCMCVFNSVCQSVBNiVFOCVCMiVCOCVFNiVBQyVCRSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAzLjAuNTA2MC41MyBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJvcmllbnRhbGRhaWx5Lm9uLmNjIiwidGRfcGF0aCI6Ii9jb250ZW50LyVFNyU5NCVBMiVFNyVCNiU5My9vZG4tMjAyMjA2MzAtMDYzMF8wMDIwMl8wMzUvJUU2JUI4JUEzJUU2JTg5JTkzJUU2JTkzJUFDJUU1JTg2JThEJUU2JTk1JUI0JUU1JTkwJTg4JUU1JThEJUIwJUU1JUJBJUE2JUU4JUIyJUI4JUU2JUFDJUJFIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTAzLjAuNTA2MCIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiIwY2M4ODVlYS01YTNmLTQzMDctYTk1MC0xMjM3MjEwOTczNTciLCJjb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImNhdGVnb3J5Ijoi55Si57aTIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1656582948542
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:55:48 GMT
Last-Modified: Thu, 13 Dec 2018 07:32:33 GMT
Server: nginx/1.13.5
ETag: "5c120b11-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H2 200 log.gif
r.popin.cc/ 35 B
187 B 777ms
255ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-tw&uid=aa62cd9311902212e5f1656582947164&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&t=1656582948542
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:49 GMT
last-modified: Tue, 10 Sep 2019 08:00:09 GMT
server: nginx
etag: "5d775809-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EC59 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuwyZJHO9YoqLCe2s9u8PyfizsAcAAAAAOAHgBAI&bg=!yMuly4_NAAaLlKKnq5Q7ACkAdvg8WvK0_UCdnT8Bck8-RuVlXtCnTi_5-XXW4Ag1d-kNxkERYdu23wIAAACpUgAAAAJoAQcKAFVpKTf98kdd7qWIQCBn595Qa9N5Mka6tkJheyFdgMM--seF9DIsGr6QcWXimHqnuVVGmJAGmmW84nofgRcmHmAH3sGVW1477sG8RWhPOxHVatYY42nfmQMIeaueBmgjsoZ3i6Rh2FAz6gZUGsBjWVzNnrFN11OhOJG-7Q7UAWJicX_NMqGkhSelRROFBqkyhgo0jBztQwhX9rDaxceyqihGJxuKgGwv5IfnT-RRZHoz1RqJvxmdUdoJ2lUh7OpLunNy5JGuiPDFSrPTSRkG3WtTH5rRZ0S-A9tbdvY4K_aSRNQYjv_iSfloW_BEQsW8ukJPENv3jTl1R4DCY1kPIYugzruBb8a8fCX0eeOBjP2jMcKdMs72GlBvRc3VfsKRqu18NVYc-VLdKg9gmrGeUq5arJS3rihbP3p4jjS0c2vzYQR0dWFTFgjrgiv0EFIi32-vrdo5RweWqnte0QkCYM5hi4c6My6UxjRJI4vPgMADpCYU9H1skg09oGLvEIBgdrR0wB615S1PwuXHKzU_v4kZO9RxAxZVCOTyJ6nejq9vFcXQ1xxpdicFoxtyRvA-C-6QuIo006oKqtS1ZkbNXd7f9fmvR2h8PxVUbqAWDO_iv6ryT9o6CqQm57c6A3mKJA5ZfEArsVdcyjtkjOOtiMRWb16ncoazxd-qn33GZHiyBRtaZKLdv98S9UUBZF5d7wK5SkgBu4Cfr9ZX3PSXMlrGcGR0nVd-0rHXHzg3VygtGJvSS4ODy10QGGO7dQLYq0AuL-THvZVVEEWnmDaLycAmkM2Fyypt5_162siJ6erYtJGTgGlh_L5aHe49UGFijy87qdZxtGtigA15vRixsJkWGNj3JtRTeDH1OMcmRvQ3Qp3R0qw-8tTWVOGmN-OUpfNGDpAYE48Eq7DufKJWoOK_6CXrqt98iZ6xWs_8f8EOXkdZmsQY94zxK67U0OPNvmMQBwW9NDMF7NZmoRy5NDxnFfsSiRYekyQtPCjGG3PD2oL_7wWBL3gakPrhMY0X_jLwOt6WAB51se55Bv5nq91kVU9NWys_1I1Rb1XF5ZjkYvRj-yAPMyhOj7dHZWr2UV6_jOLZG2guuuybBg6g7r1s_SJUrkFfaZs-4dQJRNgiqEmQDx4McVi8FCP4a4ghocE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ajs.php Show response
ad4.on.cc/web/www/delivery/ 1 KB
1 KB 218ms
218ms Script
text/javascript 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=834
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7803ee9d8c70a70d6e0ea86a2497bbbd69520e837695a7e0399b84872f55dca9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Jun 2022 09:55:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
cf-ray: 723607463f319279-FRA
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
55 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8884831d3c0db189aad3fa550eb11d5714173cc081b1a1055dc8e91c7c063fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56362
x-xss-protection: 0
server: cafe
etag: 13745493794760195521
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 09:55:49 GMT

GET
H2 200 lg.php
ad4.on.cc/web/www/delivery/ 43 B
196 B 237ms
236ms Image
image/gif 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4.on.cc/web/www/delivery/lg.php?bannerid=6314&campaignid=3387&zoneid=834&loc=1&referer=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&cb=69c0e75e7d
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:49 GMT
cf-cache-status: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
pragma: no-cache
last-modified: Thu, 30 Jun 2022 09:55:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
accept-ranges: bytes
cf-ray: 72360747f92a9279-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=orientaldaily.on.cc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7B72 76 KB
31 KB 495ms
495ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3565501396&adf=356650500&pi=t.ma~as.6393984442&w=300&lmt=1656582949&psa=1&format=300x250&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656582949106&bpp=2&bdt=6834&idt=2&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db15a9a9afd32aff0-22f10ef3c2cd0054%3AT%3D1656582945%3AS%3DALNI_MbaZIbGHyVbYwlxTDheFZ1wlx3v_g&prev_fmts=0x0%2C728x90&nras=1&correlator=5216671937182&frm=20&pv=1&ga_vid=1673556023.1656582948&ga_sid=1656582948&ga_hid=1738100419&ga_fc=1&ga_cid=1106156460.1656582945&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067528&oid=2&psts=AGkb-H_osKdvJFBc72kOxRRZyW8AyB59_m4FGhaVxWaPhXQdsdL8DATrXKMaltS4Qyv4-tVbp6AZtypo_YhXgWr-&pvsid=1096025088954002&tmod=2031454087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=ygBxarN53i&p=https%3A//orientaldaily.on.cc&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de9d992a98e75e15ccc5e749614e41102eab269a7051078cd7fd855bddc445f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 31492
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:55:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B0FD 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-a4ERunN6N_0KGG_vAxQ_Egimk3X4QhkDf8smb4AtCA4VMvl9yMz7lVFaS2fSF5UIjnJCHFgSV4IEObU2VwoP4L6L1-RhPp8gstw8jLb4EWpcEpVZVlCoD2M8L9YZPhN503yqGg&sai=AMfl-YTkIGRmU1zYkBBiFcfZHfFe-S1MBS1vMakBomsyXON8W26_jI9mLPTKzOifkVyvYex14XCLbpf9ruGbwydLcBNcRrfSsVvnHjX3uuLtQkQClrJz7cKdSwKq_w4&sig=Cg0ArKJSzL4EKNp-VXIKEAE&cid=CAASJORo8pxd3GFkI4Zcy6BEhuS9e9AO3Z7IDtvS65xHxlMXXnl98g&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=190292511&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656582947681&rpt=700&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 13447862951295739300
tpc.googlesyndication.com/simgad/ Frame 7B72 41 KB
41 KB 171ms
170ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13447862951295739300?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmdlcbyegxSO81uo4VuTpyqRmFVQA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3565501396&adf=356650500&pi=t.ma~as.6393984442&w=300&lmt=1656582949&psa=1&format=300x250&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656582949106&bpp=2&bdt=6834&idt=2&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db15a9a9afd32aff0-22f10ef3c2cd0054%3AT%3D1656582945%3AS%3DALNI_MbaZIbGHyVbYwlxTDheFZ1wlx3v_g&prev_fmts=0x0%2C728x90&nras=1&correlator=5216671937182&frm=20&pv=1&ga_vid=1673556023.1656582948&ga_sid=1656582948&ga_hid=1738100419&ga_fc=1&ga_cid=1106156460.1656582945&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067528&oid=2&psts=AGkb-H_osKdvJFBc72kOxRRZyW8AyB59_m4FGhaVxWaPhXQdsdL8DATrXKMaltS4Qyv4-tVbp6AZtypo_YhXgWr-&pvsid=1096025088954002&tmod=2031454087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=ygBxarN53i&p=https%3A//orientaldaily.on.cc&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c6c776f94b81f7e642cd6e6b9bc0f656061e113161f0cc109349482a17d631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:49 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41870
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 02:38:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Jun 2023 09:55:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/ Frame 7B72 21 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:47:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 7B72 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:51:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:51:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B72 138 KB
42 KB 48ms
31ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 09:55:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 7B72 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:55:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7B72 0
0 25ms
24ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTDWBZi-HgSP7FCvsFnZ_801RMtWf7ajD96nKsVzXr8NjA5OE4m46_8Dx90NLY5_aFVmd_ca29W4xN6csOMrNKDXIl04g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3565501396&adf=356650500&pi=t.ma~as.6393984442&w=300&lmt=1656582949&psa=1&format=300x250&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656582949106&bpp=2&bdt=6834&idt=2&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db15a9a9afd32aff0-22f10ef3c2cd0054%3AT%3D1656582945%3AS%3DALNI_MbaZIbGHyVbYwlxTDheFZ1wlx3v_g&prev_fmts=0x0%2C728x90&nras=1&correlator=5216671937182&frm=20&pv=1&ga_vid=1673556023.1656582948&ga_sid=1656582948&ga_hid=1738100419&ga_fc=1&ga_cid=1106156460.1656582945&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067528&oid=2&psts=AGkb-H_osKdvJFBc72kOxRRZyW8AyB59_m4FGhaVxWaPhXQdsdL8DATrXKMaltS4Qyv4-tVbp6AZtypo_YhXgWr-&pvsid=1096025088954002&tmod=2031454087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=ygBxarN53i&p=https%3A//orientaldaily.on.cc&dtd=11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 7B72 31 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0df3db2678c71d2874f90967df4df4b8f054d78b58985a59ed8a1c607a4e52c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12959
x-xss-protection: 0
server: cafe
etag: 3507954938847631516
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Jul 2022 14:37:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7B72 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAgfDJXO9Yu28CYOn6gSjhpmQDvWh_OVouLCArcMQ29keEAEgtc73H2CV4pCCoAegAYiZpNYDyAECqQJ7HXg4yxqBPqgDAcgDyQSqBN4CT9B24Y2QVJu36dBeQ148beUKI_eUUzYpq-G7PA9GCiSaf0QWBRcyr9qnK8f6n9FBrSlhwVXRv4KkiWUvOaBjpmcz7FyN1U4AS4ybfaLHwwv6Kc2vs8p6oxE1--dc2IEo06dlMU1eWxmO6Km1dk7-UfwfvfgeWfk-fg7HYQRXFjdcdoN3NO9Glcl5G9ikmu82noUj0Ym_Shn1eb_FyXHm99gInA8HRdGL-8e_L51dxhBUKXcEX0VguYVGCxKssRH3MGAuw4y8CrurASdsl5TdTSl0SJ3Lt2tc4Tbp_TjK6IKfRCgbS1o7O6HgVR5XiV68j7X1MvO22HGl84j5JDqDVRTsKrY1G0rMPq-QLSvUDNK-qAtRVD-XMWXBfZzJF-_gE8DGm3UaYmQVteyLdEwUXi7MFiyugpf2sthK8VFa-sGuUlJfg_39sGE8r0bu8sTZKQpAy5OJdvyv_Hlr9brABMaMtpmBBJIFBAgEGAGSBQQIBRgEoAYCgAfg5tspqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ668R0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMzU3MTI3MjA3NDc4ODM3MBgA&sigh=cLmTgqsmhdI&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3565501396&adf=356650500&pi=t.ma~as.6393984442&w=300&lmt=1656582949&psa=1&format=300x250&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656582949106&bpp=2&bdt=6834&idt=2&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db15a9a9afd32aff0-22f10ef3c2cd0054%3AT%3D1656582945%3AS%3DALNI_MbaZIbGHyVbYwlxTDheFZ1wlx3v_g&prev_fmts=0x0%2C728x90&nras=1&correlator=5216671937182&frm=20&pv=1&ga_vid=1673556023.1656582948&ga_sid=1656582948&ga_hid=1738100419&ga_fc=1&ga_cid=1106156460.1656582945&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067528&oid=2&psts=AGkb-H_osKdvJFBc72kOxRRZyW8AyB59_m4FGhaVxWaPhXQdsdL8DATrXKMaltS4Qyv4-tVbp6AZtypo_YhXgWr-&pvsid=1096025088954002&tmod=2031454087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=ygBxarN53i&p=https%3A//orientaldaily.on.cc&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 30 Jun 2022 09:55:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B9E0 143 B
163 B 8ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3565501396&adf=356650500&pi=t.ma~as.6393984442&w=300&lmt=1656582949&psa=1&format=300x250&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656582949106&bpp=2&bdt=6834&idt=2&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db15a9a9afd32aff0-22f10ef3c2cd0054%3AT%3D1656582945%3AS%3DALNI_MbaZIbGHyVbYwlxTDheFZ1wlx3v_g&prev_fmts=0x0%2C728x90&nras=1&correlator=5216671937182&frm=20&pv=1&ga_vid=1673556023.1656582948&ga_sid=1656582948&ga_hid=1738100419&ga_fc=1&ga_cid=1106156460.1656582945&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067528&oid=2&psts=AGkb-H_osKdvJFBc72kOxRRZyW8AyB59_m4FGhaVxWaPhXQdsdL8DATrXKMaltS4Qyv4-tVbp6AZtypo_YhXgWr-&pvsid=1096025088954002&tmod=2031454087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=ygBxarN53i&p=https%3A//orientaldaily.on.cc&dtd=11
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 303
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 30 Jun 2022 09:50:46 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7EFB 1 KB
749 B 8ms
7ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Fri, 01 Jul 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7EFB
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEME04EpZx5mJvMi1to62vdQ&google_cver=1&google_push=ARnp8GAqYIlj4ONqPPpZZudC-lGeQjs7uMbrdXDTBQSq-fPsAQdSia_gum...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAqYIlj4ONqPPpZZudC-lGeQjs7uMbrdXDTBQSq-fPsAQdSia_gumVKuO5pjOounY6g-Fyzbu8jVSnk818GFY-XYoUqnmSG3w&google_hm=hvaUe4WnnM...

170 B
188 B

18ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAqYIlj4ONqPPpZZudC-lGeQjs7uMbrdXDTBQSq-fPsAQdSia_gumVKuO5pjOounY6g-Fyzbu8jVSnk818GFY-XYoUqnmSG3w&google_hm=hvaUe4WnnMt7nWq5wSJhow

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAqYIlj4ONqPPpZZudC-lGeQjs7uMbrdXDTBQSq-fPsAQdSia_gumVKuO5pjOounY6g-Fyzbu8jVSnk818GFY-XYoUqnmSG3w&google_hm=hvaUe4WnnMt7nWq5wSJhow
pragma: no-cache
date: Thu, 30 Jun 2022 09:55:49 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7EFB
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEO15Gf9_SendJ9tzfQO_DZM&google_cver=1&google_push=ARnp8GCFWTxOc3ZQk5aGMPVmARhH4OwEVAMKIjAFza70dxvPC836hRWReIXHhNdYz0KYu5JPc6YEM1Azy16oU_OVBtkFPobGZ1Yhhw
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GCFWTxOc3ZQk5aGMPVmARhH4OwEVAMKIjAFza70dxvPC836hRWReIXHhNdYz0KYu5JPc6YEM1Azy16oU_OVBtkFPobGZ1Yhhw&google_hm=Q0FFU0VPMTVHZjlfU2V...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GCFWTxOc3ZQk5aGMPVmARhH4OwEVAMKIjAFza70dxvPC836hRWReIXHhNdYz0KYu5JPc6YEM1Azy16oU_OVBtkFPobGZ1Yhhw&google_hm=Q0FFU0VPMTVHZjlfU2VuZEo5dHpmUU9fRFpN

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 09:55:48 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GCFWTxOc3ZQk5aGMPVmARhH4OwEVAMKIjAFza70dxvPC836hRWReIXHhNdYz0KYu5JPc6YEM1Azy16oU_OVBtkFPobGZ1Yhhw&google_hm=Q0FFU0VPMTVHZjlfU2VuZEo5dHpmUU9fRFpN
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7EFB
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDDPoJj...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDDPoJj...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MzAwOTU1NTAwMDA5MTUyMjMxNDY5OQ%3D%3D&google_push=ARnp8GDDPoJj2BEpVlUBbnwEG7aOlDJuurniBtFIZqGfpjlNb4CQVfALRTTSTN6H9i19Z2...

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MzAwOTU1NTAwMDA5MTUyMjMxNDY5OQ%3D%3D&google_push=ARnp8GDDPoJj2BEpVlUBbnwEG7aOlDJuurniBtFIZqGfpjlNb4CQVfALRTTSTN6H9i19Z2VryGM_y4-9d0ZcizMnXsTos4q77Yv3xg

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MzAwOTU1NTAwMDA5MTUyMjMxNDY5OQ%3D%3D&google_push=ARnp8GDDPoJj2BEpVlUBbnwEG7aOlDJuurniBtFIZqGfpjlNb4CQVfALRTTSTN6H9i19Z2VryGM_y4-9d0ZcizMnXsTos4q77Yv3xg
pragma: no-cache
date: Thu, 30 Jun 2022 09:55:50 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 30 Jun 2022 09:55:50 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 7EFB 43 B
64 B 32ms
23ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIzXk0ykI50Ssn4poTkc4uQ&google_cver=1&google_push=ARnp8GCNp7k3C9GTZ801xSMjdXycLWrFYH0uCIYAVdDUo_nF1FComKpwIZ7fdixqso34IZjRcL7I8vKgQio4tmTuTYnKCrLnpaeoaw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3565501396&adf=356650500&pi=t.ma~as.6393984442&w=300&lmt=1656582949&psa=1&format=300x250&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656582949106&bpp=2&bdt=6834&idt=2&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db15a9a9afd32aff0-22f10ef3c2cd0054%3AT%3D1656582945%3AS%3DALNI_MbaZIbGHyVbYwlxTDheFZ1wlx3v_g&prev_fmts=0x0%2C728x90&nras=1&correlator=5216671937182&frm=20&pv=1&ga_vid=1673556023.1656582948&ga_sid=1656582948&ga_hid=1738100419&ga_fc=1&ga_cid=1106156460.1656582945&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067528&oid=2&psts=AGkb-H_osKdvJFBc72kOxRRZyW8AyB59_m4FGhaVxWaPhXQdsdL8DATrXKMaltS4Qyv4-tVbp6AZtypo_YhXgWr-&pvsid=1096025088954002&tmod=2031454087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=ygBxarN53i&p=https%3A//orientaldaily.on.cc&dtd=11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:48 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: k7pht61qtj5974jgqbu01e76n68ki82k

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7EFB
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gbW9OuRFSBqKs4TRvB_w8Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gbW9OuRFSBqKs4TRvB_w8Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCbuEr6ATKBuAGTqbHJIIg2de1HHNuSGhKT0OL0iYPavFkxtBp-jVL8NEhpcef-oz9aKFVRxT35aA6MhcdbS9zwcc12fIvj2Q

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gbW9OuRFSBqKs4TRvB_w8Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCbuEr6ATKBuAGTqbHJIIg2de1HHNuSGhKT0OL0iYPavFkxtBp-jVL8NEhpcef-oz9aKFVRxT35aA6MhcdbS9zwcc12fIvj2Q
date: Thu, 30 Jun 2022 09:55:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 trk
ag.innovid.com/ Frame 7EFB 43 B
297 B 485ms
27ms Image
image/gif 2a05:d01c:1d8:8100:ead7:db0a:c4c5:a8bc
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEIBqMDtVWMo1d1jO9CwS6mA&google_cver=1&google_push=ARnp8GCu4zHpHqxQ7OOpk5BJngILvWGgI_IpgbRvgLIVmKGDV53M6MX_6u4SQ_6T4Gl0IC73f4-R-1Adwkk-btVhpWNNT_gAGX3H
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3565501396&adf=356650500&pi=t.ma~as.6393984442&w=300&lmt=1656582949&psa=1&format=300x250&url=https%3A%2F%2Forientaldaily.on.cc%2Fcontent%2F%25E7%2594%25A2%25E7%25B6%2593%2Fodn-20220630-0630_00202_035%2F%25E6%25B8%25A3%25E6%2589%2593%25E6%2593%25AC%25E5%2586%258D%25E6%2595%25B4%25E5%2590%2588%25E5%258D%25B0%25E5%25BA%25A6%25E8%25B2%25B8%25E6%25AC%25BE&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656582949106&bpp=2&bdt=6834&idt=2&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db15a9a9afd32aff0-22f10ef3c2cd0054%3AT%3D1656582945%3AS%3DALNI_MbaZIbGHyVbYwlxTDheFZ1wlx3v_g&prev_fmts=0x0%2C728x90&nras=1&correlator=5216671937182&frm=20&pv=1&ga_vid=1673556023.1656582948&ga_sid=1656582948&ga_hid=1738100419&ga_fc=1&ga_cid=1106156460.1656582945&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067528&oid=2&psts=AGkb-H_osKdvJFBc72kOxRRZyW8AyB59_m4FGhaVxWaPhXQdsdL8DATrXKMaltS4Qyv4-tVbp6AZtypo_YhXgWr-&pvsid=1096025088954002&tmod=2031454087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&fsb=1&xpc=ygBxarN53i&p=https%3A//orientaldaily.on.cc&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:ead7:db0a:c4c5:a8bc London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:50 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 7EFB 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7EFB 0
12 B 18ms
16ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J59eb-saFmAYGuaNGDBeEdy_SUW885cWlL-UR8rpI-GzNySe8SYQANbxw_e5UCaX0-NHatjw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B9E0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

73ms
73ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 30 Jun 2022 09:55:49 GMT
expires: Thu, 30 Jun 2022 09:55:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 30 Jun 2022 09:55:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7B72 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61602351aa89bd66d37ff533399834164980fb950dd43879eb2a52f251e3f833

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 21ms
21ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022062701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

688bba0d1d5d0ae55a7dedebfdd6491928c3f3523787cf4595c70ac0de1bde55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10403
x-xss-protection: 0

GET
H/1.1 200
OK base_monitor Show response
in.treasuredata.com/js/v3/event/fe_performance/ 89 B
316 B 98ms
98ms Script
application/javascript 52.207.58.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/fe_performance/base_monitor?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1656582949847&data=eyJyY2QiOjE2NjIsInJhZCI6MTMxNiwiaG9zdCI6Im9yaWVudGFsZGFpbHkub24uY2MiLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuNTMgU2FmYXJpLzUzNy4zNiIsImJyb3dzZXIiOiJDaHJvbWUiLCJicm93c2VyX3ZlcnNpb24iOiIxMDMuMC41MDYwIiwib3MiOiJXaW5kb3dzIiwib3NfdmVyc2lvbiI6IjEwLjAuMCIsImRldmljZSI6InBjIiwic2NyZWVuIjoiMTYwMHgxMjAwIiwiYXBpX2hvc3QiOiJoay5wb3Bpbi5jYyIsIm1lZGlhIjoib3JpZW50YWxkYWlseS5vbi5jY19oayIsImxpYkxvYWRNb2RlIjoiaW5saW5lIiwicmNzIjozNDk1LCJkaV9hd3IiOjQsImF3cl9yYXMiOjAsInJhZV9hZHdkIjoxMywiYWR3ZF9iZHIiOjQzLCJ0b3RhbCI6MzA0NCwicG9waW5fdmVyc2lvbiI6NiwicGVyZm9ybWFuY2VfaWQiOjE2NTY1ODI5NDcxNjR9&callback=TreasureJSONPCallback1

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.207.58.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-58-221.compute-1.amazonaws.com

Software

Resource Hash

0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 09:55:49 GMT
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 89
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame C011 36 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 09:10:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 09:55:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 841C 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 08:35:45 GMT
expires: Fri, 30 Jun 2023 08:35:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F342 783 B
535 B 18ms
17ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e9c6816fd8ada5bd202423068d7608179f056c77e57f9d1541c61011aa616a2c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xzExrkDLEk00QmI93hQ-Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-xzExrkDLEk00QmI93hQ-Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:55:49 GMT
expires: Thu, 30 Jun 2022 09:55:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame 841C 36 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 09:10:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F342 0
0 57ms
56ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022062701&jk=1096025088954002&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 841C 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JJCwLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 web_btn.png
hk.on.cc/adv/web/corp/img/ 6 KB
6 KB 23ms
22ms Image
image/png 104.16.169.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hk.on.cc/adv/web/corp/img/web_btn.png
Requested by: Host: orientaldaily.on.cc
URL: https://orientaldaily.on.cc/js/v3/lib/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.169.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d00ef9f9dce166845458fc99049b500dd07238787ccc25da41ea7f9ac7fe7b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:50 GMT
cf-cache-status: HIT
x-cacheable: Y09
age: 5671
cf-ray: 72360750ce5f9279-FRA
content-length: 5752
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Aug 2018 05:34:50 GMT
server: cloudflare
etag: "5b6297fa-1678"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 437048223 437813514
cache-control: public, max-age=7200, s-maxage=14400
accept-ranges: bytes
content-type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022062701&jk=1096025088954002&bg=!dXaldjLNAAaLlKKnq5Q7ACkAdvg8Wn1GPKBVFKO_7VaAJMhwILn39DlI1iGCUW7ipSTGY4VSCnOVtQIAAABcUgAAAAJoAQcKAJFJvslBeDcqLnYiKWc8dPIupTFqo6q6ciThYkub_QB75McUzZ72Q6TKnTNp-ZAxGe3x7CN5f4aX9nHRnbc-01veZOSm806Oi6xYQCbA3tddIG1g1AAXCTy4WIjAqfP0ZqcSx4EZAnGiWTUYONg8iWfHAcbyl-Fyi1iCsciPzGaUTZZObkXUz20XJBXblGwoXs1SmQLWtMAi2si155hv8rS1ETXdBTqyMfIOO-NN7nI0hG8t2xCPuhK0no6oOseB0x3A3N-090evVjl3nSSPcS7C5BtGehjzXPrHlq8o0Ye2DdbQexN6-ESfGBycZPSfsfWKYUhDxz0FkiKmDZ2NBMkf2MLN-suV4JlIcJJ-7FY3-MI3nASSIAjoHPjYKArIM4l-xENL8yEzgVZdR-hDxT_A_V2A0Uy88s-q48PDR9o3PCBMZPF-xZNk0nseypXiULh_dgldRq49KSoEQsFStdY2Nq0dHKvUZXXqNWN3RVgch-cSH2xW6F88V06pCAOrH-TrgXl3YXY0lhrgbCFPJmPKoZzGfp8Wk2cE8f9i3qUCeqGqwp5mzKm_gL56jwyFs8NI8pX2k4zuoKTlvqJFw69OpNmatjkgVmOSHzja7dDVNXgpID7FsheDH8k8dnbZM9uEEPyg8CK-uYfTZl5usrM6qH1uYaWtelGDp16B70QHEbNRUZ83I94ulR1kGwZeL_cfYgnyBCa-gAfK_KoGVy3UfogkVqJEzkR_5euhmuCzbY_7P1EYrApIoMfHiC3ld8Rabuknqghsu7A4avrzOyHBdfcuilTuqPtIY5fOG0Rs3m63SBLslRoiccnmd4awOhpkGbtWgXx-QQBe46l-e2RKJNl0XvSVuPB8Rd1O9VOY64vjVEHNwtCbg5mtDAUKjv36pDm5bIXKSUCeEWW5jSi93ZsQvGPWE78_hqB4xiQVfxjZ3g_9ITQWVXRe2M9VOmVmKvUpbwpdU3ROwJmctUY9yVp-55Gb4_7tZrofMCj9QryIENkxMKBOsn0wattfkmfJDKfiAlXtcPMX3jMeay3Dwbd9-fKiN-mkjnPiUniegznJsX63C1L6aXy_nX3pS0p_pGl7Bt-4FtgzJbS6VYZCxoOYsC2Tr-WLfh3VlOiVDo_doGiZrXCtA5cWZ0RmYxGJmTHVza6k-33z
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 container.html Show response
40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8BA1 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:55:44 GMT
expires: Fri, 30 Jun 2023 09:55:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E57E 624 B
297 B 19ms
18ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNVZJU4unB-heOBwoW4X-Dg5vSOEuFHmXtjmQT8JfEKXjCNo5oUnhwYZRdSOp0YvmDSqz8yFNo3vhAnzickr2JPAjTFrhvjvxm4qm9r333SDV8iYZXEpBfEr5mx2KXkedZR1NM-Pw1_qYzQl7f-rwB1B-TOBGs7Gi_1q0ExtjNciJb2Q24g

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:55:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8BA1 77 KB
32 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbCt3hbwFukU6ClNrcVP3wJvi14aeFpSqHyvM-VZPHRuKOB8plDhjIJ_zpYQglDP7eHNgfiX-t-ONtp0ZSpBNbAZKvqgtdOU7Bq-KngVgiAHlROB9o6dCBZ0YAKicaYJYAHqNBhXFBGVwVsy3q85af-fei6w&dbm_d=AKAmf-AVfuAw-qWPKjVU9Eh8DGBapQzVPtpUHjn3f4uN9ZRKWP5USAIHDuAR0arxF5gGf3YJut7SYm3-N7WtZ1blhtu1x0w3irvWW2zfjn8IUTgZNKTPBZDcSDJVUX9_fH4MN0X2RSqijo4VRfgYd2jE2FklNVk2kTvxeOXVdmKcOkjcBhS-IdgGQg7jxb1RaOLhWtqN0_UFTRK_feeANG7GGwpZU9QiLvBihKnHBhQ5EA9xtbALLwevenwlSotuwdbE6yXOB_AruwpWH-3nbzGHtOBuvYgKSZ74QrpxoSPSCAJQtbILMfPtkNvzaMAowco4kY5lj3-dKxxjvkt685gAGB_1NNiYsDxMQV9Ewe6v58i2CNUh0Hf3Upk2_HVStB5gf0yFg4T4Cg-1c0zzAcJnlhfXnSUdQNylCebarHZfsxbGghNuLO7wsXWXP0E2Pj1S7krZuf8h5VbEYklxYguMWCzXm0Y3oxrJpyzLTWzQjORU-AMcSaIgwbDE6h1ckalXMStK0tboNaAMDg8UgCDFXGvKOETS9tG1l5frFrEFc8MhK0rRC79lhIwVaYRL7wtxvviZRFrBGAfqK39UysxkSYuo_CaXaSlp4zaeLRZZsqOgY6nrvewvmrMRL82FUEFd_gOurhO1IIgsGknmZDFK3-xPzE_yip-OicG17cXv_HOulb-W_U3TpO3v2Na3bejkRv4pKrfYOiFXXfKI78RFYQFUyvEqya0FtwIQgNsPpGIIhq3cgqJlZPopfu9rWH1dR7uUG3Korg6Yi-n5N53rUYN6T-wZSlluRWQMP5bnpBHMwYhdxoMUAx725SInMjy2bkQXNvuKjABNdobpZt95_edkbzo5PVn_nNxdfGXQcXEft4S4NPqX3yxkOQewO7sCsDMRN9zWvz2NF8gI3mu6NIIWJR9-fdraNsJnttjqZwQEG5_tscv6VUPH0zLIGEJFo-8TsxeRXQzZp9iCwjQ2JDVNwCXbzv2JHarLrMB1imA3EJxytVcTjBM6kdjNabjRY_ilK4IeVhbBEhLVOpe73nmLUn0UJvFl7HzySFgKGHH03YUM75Lj_aQsQCubbMHMYvJS7rv1Hmt-PDDs0JPRPy8mpay7CC2tydCdAIvpqyMB7PyugfxE-smuOvG7T22v1GejZHIR-nD34UbOPjuXxblN0faEfev_6iQFPwdIGwUhaPWnIm3XylBGY8uoG_9wQoM39rSDhFUFI-2i6ahIx0pxyk4wOYiR4a42PtGpo59LCj2V-EMeMAs2RgYN2FiUO9ma6N17DJjsaBycQaObEBbdj-xDYYgS74vzQ-9RONCpHq-Rj4FXYFpsNWJlXvGAoI-9l1cSr1SujQIcK5kK76EHR-ZPQF5OrlFw9SIsB03BBkf7RFlJPy-Racb8gjd7cBu6xdUFbh8DZa_qh3n4OzKU6XLmnuoWrs8yQf7HTN5KwLZNVVWKj2p4_4ZLIMkN9CXQcqRxIjE2X96zc8u32EGWwUicNMYJX4eq4F5ZoDiARCspH1GCGI9I11SzARo0GQFc5ChJk_JSMY0y__qnW6cXrx3iBivzkvY5UADoAquiEopZsPPaSBr1gqQZkg7gfm34rd3ABrT3P-Y7HqrWjPy9QCrxt7Z0GB80i_SLnymX0JGvIbMM6qidUpcqyO1sP_ovRUra0vsk_OZuI3BfXbDHlyHrLexrsNtF2YRYsvAsd-akEjadvJQvkTi36Y5YIn_vpEoVIEcSo3BgAnoIZ8kmo1wUPt8_QrBebAeBfUbYUnzGH12PIVm8gIt5I8Jnb3qsyQt5l5pWAWAbGTgYVI2mCMDJekH-A0rkTlIX3JvKPjCOh372EwR_MFPQpj0JvljGM1rQBRvZOWfLA8m22VT5ZR5ydjHlBjgxCjzKnUqawSM0JrDg1Q-kmMFj95cvHZnHU0z2S-kLEWFxboUYv_njHVMzB3dkb4KcZiDnDQ8G4mIcvaH7ap73sNOacOj6y1h934JMmzJ-pPusmKvMHLMEhVX-ltRyRnDjqdcBhylRl5lbeQEcOZ1Ir30YT0UdZs4Xz2IaSuIOwK0CA7lQnFcXqPF-uRAtThZ7_EGdHBZ-9vfd_8P-bhYoGiIrAE35L0haabYWMdaW4_DGZa-JXZnBccaZ3KNQqQ4Pu5I3nf8ER8G-1hX6CCi-AebQFUK09i_A8aifYqxWv602v3k_MOITvfCvkt41DgWgXiAoOU1kqNcW4lxfiG5-tYwel5NcpeDAqgkpU0HjSeszqhClT7WqdZl7EJ7ALtB54W4IVEQOzU9Te7tU-Shvh_SVtXGxd9-4o1AR1nMlUXSDTuHGGRnYg9J1uIowyJ5Av8_psjPC4IibiSlAwADZEy1maup11iYFnGHBtnSjvslRTL4aL61DKwKUdCR83ThzDKnQJldCn0cNP-GCwLX56uKgOGPq6bJUt8E1INZ0XryyCqchibzC1NfyxZK9X7pmYchKEh-ghq9XMVD7pTvcJfOyAJgW3F-OHDqqJgn3ALHTXtPnSyvAv_ho0_rLqPkiyshItsbyseYj6MAanyaN_VCej4JuN6VQyfo-cZcBiwFP0Ec0JXpcWUrB1NEx9K0Pv_5s4nnhGjW56MvIDa_MkRjGFS-BBXa3hHfCA5hriUMK3W8eRzl_MLulOiTpclcyiBqgyFKexcAer5Qt_rL7fea3xT1ZrjXqw3uFU1k4x7Eyc7F-hpLuLAZ9k-wT57JkjCVrnAq4B2PGrRJtYAGyE2gtRMDbXdtgxcKRxPwDmOT4gY1Y-FOzHu7mdUgGqkox7pBvrcMU0s0OcU7dqu6rIFmCPNsOlkiJf_wrNMwOL_PrJl9hzqd13j4WPvDVryn-CUoz1HAXNkNjd-bB1HkqJwA4UuAdxcQAndlnvy4DpmRcubv3i-0fNX30soMgzuWHvwNCiLISZbYdu974j1l8yBM9v-1Ny5ly0cThpC1uqJh-tH_S8Nl3ZaVcm2IMpKDSprm-Cnyxv8YIHP7yd78Z4abEW9mzNFo-Mks6-2MGkyXSOtk7gpH4u1uuvBYEmCYbNUVs_eu6_l3tzEVD-TcYQSnUnIm2WfvzMq6DyFR6I16SpmKp7g3gcH-1DsRh8ZUbAZXb7J1Bp2-5mupLShj11y2BaxMQxG2im5EUZZto4zV2rKmFCSR3w4KgLfsHO6j5vG8TAV3l0AywpZui0NoQzA9T31CEwr54qgLSow1DGWh4E1adbwAfPfEdu0UQg7obP9Jt4xoqEZQeYTGvYTAOjLVnwoMdDcnNkCvXKHsnawbWMxETOorFwSCavOmhFq7Q8VVS4Z1xgGchEhI-PZZSd6E6XBmWkN-TGv15n1293QuGQpYU97VMzzNFz8hGap3biRgG4lH4_KNbniEqnFogzs-eHOJDvu_xEAAx&cid=CAASJORo98U_aSstFRP4-H2Ie7AcOE19w1lcHhQVLL9LWDaGi_fm4A&rfl=1%2Chttps%253A%252F%252Forientaldaily.on.cc%252Fcontent%252F%2525E7%252594%2525A2%2525E7%2525B6%252593%252Fodn-20220630-0630_00202_035%252F%2525E6%2525B8%2525A3%2525E6%252589%252593%2525E6%252593%2525AC%2525E5%252586%25258D%2525E6%252595%2525B4%2525E5%252590%252588%2525E5%25258D%2525B0%2525E5%2525BA%2525A6%2525E8%2525B2%2525B8%2525E6%2525AC%2525BE%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24fc413b3688193ac1179ca8e2c40ca0cedc6ca1fa7d9702bc3fa82f333f5446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33073
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BA1 42 B
63 B 39ms
39ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DPatIcDWxJR0xWD_MWKx_SDcAe1S2Et5Epjz7Q3pJHe3gZextvK10wXGFBENhcrJTUh13EzyopONqmarqP3W-V1t7h6uWjhcrmz0X4t150uTUhbNI

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 8BA1 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/window_focus_fy2021.js

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:51:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:51:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8BA1 138 KB
42 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 09:55:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 8BA1 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:55:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8BA1 0
0 15ms
14ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnqmS4DAQwQuCvMJJHdu2Dcb5uQVP0BJ3_FfOqSRU67Uq0_rDVkkpjT4oHp29uI-aZpIcerHYQcmH96g5rHBwHuKFwFA
Requested by: Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E57E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJMHklOC23Y7faLc3oEMl0&google_cver=1

43 B
916 B

39ms
39ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJMHklOC23Y7faLc3oEMl0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNVZJU4unB-heOBwoW4X-Dg5vSOEuFHmXtjmQT8JfEKXjCNo5oUnhwYZRdSOp0YvmDSqz8yFNo3vhAnzickr2JPAjTFrhvjvxm4qm9r333SDV8iYZXEpBfEr5mx2KXkedZR1NM-Pw1_qYzQl7f-rwB1B-TOBGs7Gi_1q0ExtjNciJb2Q24g
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 723607524bad9b92-FRA
pragma: no-cache
date: Thu, 30 Jun 2022 09:55:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWlLAYvNbvTHiCcIuXsoSRIZP82qrVh3EmeryWoBXpoDeQJ%2BWBPrDgd43%2Fu%2Bl%2FruwoySY%2FyOOud%2Bed2YmN%2FdfbIgOos92t8WZRGFBOHi5Uc%2FOMmYpiXGyXs6K6pp0FoKqVRzF7Gmgk3%2B1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJMHklOC23Y7faLc3oEMl0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E57E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yr1zJClV1LElFqjpreatSwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJMHklOC23Y7faLc3oEMl0&google_cver=1

43 B
918 B

25ms
25ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJMHklOC23Y7faLc3oEMl0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNVZJU4unB-heOBwoW4X-Dg5vSOEuFHmXtjmQT8JfEKXjCNo5oUnhwYZRdSOp0YvmDSqz8yFNo3vhAnzickr2JPAjTFrhvjvxm4qm9r333SDV8iYZXEpBfEr5mx2KXkedZR1NM-Pw1_qYzQl7f-rwB1B-TOBGs7Gi_1q0ExtjNciJb2Q24g
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 723607527bf49b92-FRA
pragma: no-cache
date: Thu, 30 Jun 2022 09:55:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOHLYxHUlogCOJAlMh8qVf0mZ%2BSkhOSRoE9DiXJdlRgqTv2%2BuWi77kjYI7ZGZK%2BE87cblkv8ATA%2BahPyW%2F%2B01whI6Gj9epN2y08KduQY9pPfVMIB6oOVmXjbDN7SwE%2Fcd%2B%2BZajLkzWpxiA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJMHklOC23Y7faLc3oEMl0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E57E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGtxOxCCUxgvGCRkENM9lhQ&google_cver=1

43 B
1016 B

14ms
13ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGtxOxCCUxgvGCRkENM9lhQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNVZJU4unB-heOBwoW4X-Dg5vSOEuFHmXtjmQT8JfEKXjCNo5oUnhwYZRdSOp0YvmDSqz8yFNo3vhAnzickr2JPAjTFrhvjvxm4qm9r333SDV8iYZXEpBfEr5mx2KXkedZR1NM-Pw1_qYzQl7f-rwB1B-TOBGs7Gi_1q0ExtjNciJb2Q24g

Protocol

HTTP/1.1

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 09:55:50 GMT
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ff21ed56-db99-4cae-ac00-995f9f0f80cd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGtxOxCCUxgvGCRkENM9lhQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E57E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ2NjM3NDcxNTg5MzUzMjg3MA%3D%3D

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ2NjM3NDcxNTg5MzUzMjg3MA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 09:55:50 GMT
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4c89f841-abb5-4402-9525-5607f262e920
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ2NjM3NDcxNTg5MzUzMjg3MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 8BA1 106 KB
37 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
Origin: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Jul 2022 09:09:21 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/elements/html/ Frame 8BA1 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbCt3hbwFukU6ClNrcVP3wJvi14aeFpSqHyvM-VZPHRuKOB8plDhjIJ_zpYQglDP7eHNgfiX-t-ONtp0ZSpBNbAZKvqgtdOU7Bq-KngVgiAHlROB9o6dCBZ0YAKicaYJYAHqNBhXFBGVwVsy3q85af-fei6w&dbm_d=AKAmf-AVfuAw-qWPKjVU9Eh8DGBapQzVPtpUHjn3f4uN9ZRKWP5USAIHDuAR0arxF5gGf3YJut7SYm3-N7WtZ1blhtu1x0w3irvWW2zfjn8IUTgZNKTPBZDcSDJVUX9_fH4MN0X2RSqijo4VRfgYd2jE2FklNVk2kTvxeOXVdmKcOkjcBhS-IdgGQg7jxb1RaOLhWtqN0_UFTRK_feeANG7GGwpZU9QiLvBihKnHBhQ5EA9xtbALLwevenwlSotuwdbE6yXOB_AruwpWH-3nbzGHtOBuvYgKSZ74QrpxoSPSCAJQtbILMfPtkNvzaMAowco4kY5lj3-dKxxjvkt685gAGB_1NNiYsDxMQV9Ewe6v58i2CNUh0Hf3Upk2_HVStB5gf0yFg4T4Cg-1c0zzAcJnlhfXnSUdQNylCebarHZfsxbGghNuLO7wsXWXP0E2Pj1S7krZuf8h5VbEYklxYguMWCzXm0Y3oxrJpyzLTWzQjORU-AMcSaIgwbDE6h1ckalXMStK0tboNaAMDg8UgCDFXGvKOETS9tG1l5frFrEFc8MhK0rRC79lhIwVaYRL7wtxvviZRFrBGAfqK39UysxkSYuo_CaXaSlp4zaeLRZZsqOgY6nrvewvmrMRL82FUEFd_gOurhO1IIgsGknmZDFK3-xPzE_yip-OicG17cXv_HOulb-W_U3TpO3v2Na3bejkRv4pKrfYOiFXXfKI78RFYQFUyvEqya0FtwIQgNsPpGIIhq3cgqJlZPopfu9rWH1dR7uUG3Korg6Yi-n5N53rUYN6T-wZSlluRWQMP5bnpBHMwYhdxoMUAx725SInMjy2bkQXNvuKjABNdobpZt95_edkbzo5PVn_nNxdfGXQcXEft4S4NPqX3yxkOQewO7sCsDMRN9zWvz2NF8gI3mu6NIIWJR9-fdraNsJnttjqZwQEG5_tscv6VUPH0zLIGEJFo-8TsxeRXQzZp9iCwjQ2JDVNwCXbzv2JHarLrMB1imA3EJxytVcTjBM6kdjNabjRY_ilK4IeVhbBEhLVOpe73nmLUn0UJvFl7HzySFgKGHH03YUM75Lj_aQsQCubbMHMYvJS7rv1Hmt-PDDs0JPRPy8mpay7CC2tydCdAIvpqyMB7PyugfxE-smuOvG7T22v1GejZHIR-nD34UbOPjuXxblN0faEfev_6iQFPwdIGwUhaPWnIm3XylBGY8uoG_9wQoM39rSDhFUFI-2i6ahIx0pxyk4wOYiR4a42PtGpo59LCj2V-EMeMAs2RgYN2FiUO9ma6N17DJjsaBycQaObEBbdj-xDYYgS74vzQ-9RONCpHq-Rj4FXYFpsNWJlXvGAoI-9l1cSr1SujQIcK5kK76EHR-ZPQF5OrlFw9SIsB03BBkf7RFlJPy-Racb8gjd7cBu6xdUFbh8DZa_qh3n4OzKU6XLmnuoWrs8yQf7HTN5KwLZNVVWKj2p4_4ZLIMkN9CXQcqRxIjE2X96zc8u32EGWwUicNMYJX4eq4F5ZoDiARCspH1GCGI9I11SzARo0GQFc5ChJk_JSMY0y__qnW6cXrx3iBivzkvY5UADoAquiEopZsPPaSBr1gqQZkg7gfm34rd3ABrT3P-Y7HqrWjPy9QCrxt7Z0GB80i_SLnymX0JGvIbMM6qidUpcqyO1sP_ovRUra0vsk_OZuI3BfXbDHlyHrLexrsNtF2YRYsvAsd-akEjadvJQvkTi36Y5YIn_vpEoVIEcSo3BgAnoIZ8kmo1wUPt8_QrBebAeBfUbYUnzGH12PIVm8gIt5I8Jnb3qsyQt5l5pWAWAbGTgYVI2mCMDJekH-A0rkTlIX3JvKPjCOh372EwR_MFPQpj0JvljGM1rQBRvZOWfLA8m22VT5ZR5ydjHlBjgxCjzKnUqawSM0JrDg1Q-kmMFj95cvHZnHU0z2S-kLEWFxboUYv_njHVMzB3dkb4KcZiDnDQ8G4mIcvaH7ap73sNOacOj6y1h934JMmzJ-pPusmKvMHLMEhVX-ltRyRnDjqdcBhylRl5lbeQEcOZ1Ir30YT0UdZs4Xz2IaSuIOwK0CA7lQnFcXqPF-uRAtThZ7_EGdHBZ-9vfd_8P-bhYoGiIrAE35L0haabYWMdaW4_DGZa-JXZnBccaZ3KNQqQ4Pu5I3nf8ER8G-1hX6CCi-AebQFUK09i_A8aifYqxWv602v3k_MOITvfCvkt41DgWgXiAoOU1kqNcW4lxfiG5-tYwel5NcpeDAqgkpU0HjSeszqhClT7WqdZl7EJ7ALtB54W4IVEQOzU9Te7tU-Shvh_SVtXGxd9-4o1AR1nMlUXSDTuHGGRnYg9J1uIowyJ5Av8_psjPC4IibiSlAwADZEy1maup11iYFnGHBtnSjvslRTL4aL61DKwKUdCR83ThzDKnQJldCn0cNP-GCwLX56uKgOGPq6bJUt8E1INZ0XryyCqchibzC1NfyxZK9X7pmYchKEh-ghq9XMVD7pTvcJfOyAJgW3F-OHDqqJgn3ALHTXtPnSyvAv_ho0_rLqPkiyshItsbyseYj6MAanyaN_VCej4JuN6VQyfo-cZcBiwFP0Ec0JXpcWUrB1NEx9K0Pv_5s4nnhGjW56MvIDa_MkRjGFS-BBXa3hHfCA5hriUMK3W8eRzl_MLulOiTpclcyiBqgyFKexcAer5Qt_rL7fea3xT1ZrjXqw3uFU1k4x7Eyc7F-hpLuLAZ9k-wT57JkjCVrnAq4B2PGrRJtYAGyE2gtRMDbXdtgxcKRxPwDmOT4gY1Y-FOzHu7mdUgGqkox7pBvrcMU0s0OcU7dqu6rIFmCPNsOlkiJf_wrNMwOL_PrJl9hzqd13j4WPvDVryn-CUoz1HAXNkNjd-bB1HkqJwA4UuAdxcQAndlnvy4DpmRcubv3i-0fNX30soMgzuWHvwNCiLISZbYdu974j1l8yBM9v-1Ny5ly0cThpC1uqJh-tH_S8Nl3ZaVcm2IMpKDSprm-Cnyxv8YIHP7yd78Z4abEW9mzNFo-Mks6-2MGkyXSOtk7gpH4u1uuvBYEmCYbNUVs_eu6_l3tzEVD-TcYQSnUnIm2WfvzMq6DyFR6I16SpmKp7g3gcH-1DsRh8ZUbAZXb7J1Bp2-5mupLShj11y2BaxMQxG2im5EUZZto4zV2rKmFCSR3w4KgLfsHO6j5vG8TAV3l0AywpZui0NoQzA9T31CEwr54qgLSow1DGWh4E1adbwAfPfEdu0UQg7obP9Jt4xoqEZQeYTGvYTAOjLVnwoMdDcnNkCvXKHsnawbWMxETOorFwSCavOmhFq7Q8VVS4Z1xgGchEhI-PZZSd6E6XBmWkN-TGv15n1293QuGQpYU97VMzzNFz8hGap3biRgG4lH4_KNbniEqnFogzs-eHOJDvu_xEAAx&cid=CAASJORo98U_aSstFRP4-H2Ie7AcOE19w1lcHhQVLL9LWDaGi_fm4A&rfl=1%2Chttps%253A%252F%252Forientaldaily.on.cc%252Fcontent%252F%2525E7%252594%2525A2%2525E7%2525B6%252593%252Fodn-20220630-0630_00202_035%252F%2525E6%2525B8%2525A3%2525E6%252589%252593%2525E6%252593%2525AC%2525E5%252586%25258D%2525E6%252595%2525B4%2525E5%252590%252588%2525E5%25258D%2525B0%2525E5%2525BA%2525A6%2525E8%2525B2%2525B8%2525E6%2525AC%2525BE%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:49:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/ Frame 8BA1 27 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:51:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:51:27 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7B72 42 B
64 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-kpx5G-xleujaYts2Q2_IjOPwHqbx1KNVXei8Nq32ovJ4i7ZocjmWL6vREgMQJcXd_vWPoh0bEZS9wrlqWwrbC5XWTNM7nDyS40oAQ3v8qoPVwcU91lmYds0NAR6S0irwVp5nSOg43yVC5e1d3hsSRJoArs6sVgkL&sai=AMfl-YTWca9hP_9suD-48tQjRc70fP4v6sMpIjlg2VRNlruP4be9oKHc0XfbrsG95hwOH0lnYdUlY6Ni9qNTB4OyUzrrKT7VV_nq9Qf0PkziSbXluHdIlQnJi66gNR73&sig=Cg0ArKJSzAQ6QWn0z3HcEAE&cid=CAASF-RonD-3t98-yNS_dT54bTFCoYvKXF7p&id=lidar2&mcvt=1002&p=0,0,250,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3565501396&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656582949118&rpt=681&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8BA1 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 06:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100537
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 06:00:13 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 54AF 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Fri, 01 Jul 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8755 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 242280
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 14:37:50 GMT
expires: Tue, 27 Jun 2023 14:37:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6097948873975918132/300x250/ Frame E541 4 KB
1 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae28ac28af4c43157ac63fb87660eeb34c97ccf6ac4a9c7340ae071a96bbfde4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 158220
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1414
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 13:58:50 GMT
expires: Wed, 28 Jun 2023 13:58:50 GMT
last-modified: Thu, 09 Jun 2022 11:56:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8BA1 0
27 B 50ms
49ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst05oUUa609-xPdJ2QJEeSUORPH7PnnBDC4gzYKhKoZOLHspLis5z_ojK_2fTcldia-3hyPkeFsPV78uCE49sZbBgejdsisG8koln95_y_Uj0cd1oNElXOxgpBxy8Rz8SLwR_pSEANHRtrANuJNZD901COWr_KUAbMbR6CQw0jprGn3b5KLsmzWMW_xdbAUNpcEgxROHfWfypBi0ciwHESs3QJkeutp_T_Vt9OxV_ez40YmHA1gsH7l3wnW-F_K415AJNqG4Etdiv6WZ6WtUIIjgRekUuEMdatZbexRN_aSw9xZhwYcsKuAcd6ZHNaBewPxWB8ilVbCIjfY8pRY7X17k2yqs5vpTuK7CRL64BQ1dKm7tnbCmTd32uWNtaizZrPRZBXGnMYXT35DmwvrhjvmczIX1HzTX1czsYZjbZQpC7t13xNdb4Ku4OPIVfH5ze1hLkQjAIVR7A9oOKE7Dka3sEUGfqRDi-4WXBil72T5mCGaXSeUqTamHrQ2aczAuZ4bWLqAE6X6FXdSzPJX0tjFqdKo-_Shz_zrfbmSfo-gvpMUkElsG6GWwSOIfZQYxxctWtkPytDDhYfKu8RGqy_KeLeqAuFLwSbssXZ_zPXh6LOarzGdZtIt-_izNAsnstUdGq0c0cWRHyUNRacDSPJma9yCDRRHZVzw3_s8FBk1jVbSb7DjKkqi4MDFz-AuabckJEMNFv0MCOH-KkukazT-99g9C07267mC--YGmQD8iDYraj0foSGuSLS83BiWoQWUPIkEoj1nw4RtONxZJRb62R0oSRKPbP_GKgOjfiRbO_O_p_6TUE8d_9gu4dYVyQVhv1q--vdHUuv7EgF9tjK2tJu3omLwS7j79hpcgVjiAShavBOCIvV0Zzsfw1WilWOVLRAHEAkL2Cb3_byNs3h6PyfUTmNJHiSE3YsYnWdcYYjqUUVAN5HURgV_JO3utmOmylzK1A3PvxngBKn8CbEjo4iNePIkFuBdhSKsntxSPvbCv4TyouvDuYBYu3NUV8RaiN6-lbQ936VkyPtXgp3nOkD2VwWed9s6YEG77Pb9pmr66DmuMLDdzwv-iVGtxXgy-1WzoPDqQbulRYcoOMKYaT3Xa36z2efG4-COk8C2RaZCesPxQZkMh6UwG7ZM8jR1oqtRMjnartjjU2djscIJYeFHGvHPxsvguhGaV_-ZkeqPxMoaVhO_CeGcXkoPaFr3wCFHLZBv8NspO6j_YXzWNppfQVr_8cDBGEI&sai=AMfl-YSJBcEa34WrQUibcSG9mfTZdBpPiNkXrrFICQAG7T8hjB9aZjHbbE6CzckZX5LBztrUII59m28xlKtJIDQ45iRKCort4N7CEr95USS1Q17-eGzUnPph1efWqowp1kDZUTGXbwb4L6xyK4ZC68ZdPWm6uqndpYKZ-qk2S3SWhIWIYz7-qzx7TUivuVN7rJW9uCfOBRRN6PmJvzoDSHj_2Q&sig=Cg0ArKJSzFCRiJfP93CUEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=54&cbvp=1&cstd=52&cisv=r20220628.26552&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 30 Jun 2022 09:55:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 54AF
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEH3guZopSPS7iuyTovQvtvA&google_cver=1&google_push=ARnp8GAgFOnrjAVQ7ubf7bftBvkZzcO1vZWX395XiqLo64rLLWw2lH7OZ3...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAgFOnrjAVQ7ubf7bftBvkZzcO1vZWX395XiqLo64rLLWw2lH7OZ3AFoz1W4hMN1x2gC6kIsyLk8Nln3LmgBnjfkB0T4A_cwA&google_hm=hvaUe4WnnM...

170 B
188 B

20ms
20ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAgFOnrjAVQ7ubf7bftBvkZzcO1vZWX395XiqLo64rLLWw2lH7OZ3AFoz1W4hMN1x2gC6kIsyLk8Nln3LmgBnjfkB0T4A_cwA&google_hm=hvaUe4WnnMt7nWq5wSJhow

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAgFOnrjAVQ7ubf7bftBvkZzcO1vZWX395XiqLo64rLLWw2lH7OZ3AFoz1W4hMN1x2gC6kIsyLk8Nln3LmgBnjfkB0T4A_cwA&google_hm=hvaUe4WnnMt7nWq5wSJhow
pragma: no-cache
date: Thu, 30 Jun 2022 09:55:50 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 54AF
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GAfw0SV7YP1wleQrI-w5GOFVI6zNbsAimZpzHW...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXIxekpnQUFCYm1BZlZ0Rg&google_push=ARnp8GAfw0SV7YP1wleQrI-w5GOFVI6zNbsAimZpzHW368JF1Jd8wz1Ww9qhd9IyWbKPFxVhXNGizEQxnERA4tZbkTmlZfuN_7...

170 B
188 B

33ms
28ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXIxekpnQUFCYm1BZlZ0Rg&google_push=ARnp8GAfw0SV7YP1wleQrI-w5GOFVI6zNbsAimZpzHW368JF1Jd8wz1Ww9qhd9IyWbKPFxVhXNGizEQxnERA4tZbkTmlZfuN_74mSw

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXIxekpnQUFCYm1BZlZ0Rg&google_push=ARnp8GAfw0SV7YP1wleQrI-w5GOFVI6zNbsAimZpzHW368JF1Jd8wz1Ww9qhd9IyWbKPFxVhXNGizEQxnERA4tZbkTmlZfuN_74mSw
Date: Thu, 30 Jun 2022 09:55:50 GMT
Server: Apache
Connection: keep-alive
Content-Length: 393
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 54AF
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEN0v6DBCYD8sTPqfLBr2Ffs&google_cver=1&google_push=ARnp8GDRWELspNILT8TPAnMda3AFCWez5NcMwJ93pM6YohOMbqd9Sya8nzOrqWWsux44ifwYdg_RlUPiBtebDAbozhqDLm8m5zxPaw
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GDRWELspNILT8TPAnMda3AFCWez5NcMwJ93pM6YohOMbqd9Sya8nzOrqWWsux44ifwYdg_RlUPiBtebDAbozhqDLm8m5zxPaw&google_hm=Q0FFU0VOMHY2REJDWUQ...

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GDRWELspNILT8TPAnMda3AFCWez5NcMwJ93pM6YohOMbqd9Sya8nzOrqWWsux44ifwYdg_RlUPiBtebDAbozhqDLm8m5zxPaw&google_hm=Q0FFU0VOMHY2REJDWUQ4c1RQcWZMQnIyRmZz

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 09:55:50 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GDRWELspNILT8TPAnMda3AFCWez5NcMwJ93pM6YohOMbqd9Sya8nzOrqWWsux44ifwYdg_RlUPiBtebDAbozhqDLm8m5zxPaw&google_hm=Q0FFU0VOMHY2REJDWUQ4c1RQcWZMQnIyRmZz
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 54AF 43 B
64 B 26ms
23ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEMzLxB46nP9IFafZxCFl7os&google_cver=1&google_push=ARnp8GDssA-pGEnV69JDD-dXTBaajrRrnsRKYEBPoNHBtmT0mG44BuF3XHULTMAxJIkYer37p6sEQiUbiDHWk6ZQbqiuJvWMYpOH
Requested by: Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:50 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ovv7b0tsl1au3qpdheb2hndpl7qiaifs

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 54AF
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9UdDwewQSb6JP6wBoNtoPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

20ms
20ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9UdDwewQSb6JP6wBoNtoPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCqXCJ06pNsqe1oeVXrnrIMgEtb8nVwVn_7_yGRCsDm-F0vv-e2dnSbwauqBzT7sYVNdkiThAgOMebLofTTlLhoO1LUNiSU8g

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9UdDwewQSb6JP6wBoNtoPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCqXCJ06pNsqe1oeVXrnrIMgEtb8nVwVn_7_yGRCsDm-F0vv-e2dnSbwauqBzT7sYVNdkiThAgOMebLofTTlLhoO1LUNiSU8g
date: Thu, 30 Jun 2022 09:55:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 54AF
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECvKbCyWzGwG34_msJjIWIk&google_cver=1&google_push=ARnp8GC71uS2JbfihROfHhB77vHGV0QJRXRkiV7jCNdIyb-drr70cx3ZUMQsFeCJQEpRaZJN9CP...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUwVVBUSk4tMjctNzlUTw==&google_push=ARnp8GC71uS2JbfihROfHhB77vHGV0QJRXRkiV7jCNdIyb-drr70cx3ZUMQsFeCJQEpRaZJN9CPh2_LcLu2DslRo8nBbUlmOmOMChg

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUwVVBUSk4tMjctNzlUTw==&google_push=ARnp8GC71uS2JbfihROfHhB77vHGV0QJRXRkiV7jCNdIyb-drr70cx3ZUMQsFeCJQEpRaZJN9CPh2_LcLu2DslRo8nBbUlmOmOMChg

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUwVVBUSk4tMjctNzlUTw==&google_push=ARnp8GC71uS2JbfihROfHhB77vHGV0QJRXRkiV7jCNdIyb-drr70cx3ZUMQsFeCJQEpRaZJN9CPh2_LcLu2DslRo8nBbUlmOmOMChg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 54AF 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 54AF 0
12 B 16ms
14ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KLxctxiAMUt-yqqEFlWBUkg9dG-lSLLabuO-r6higC6fA1nplpUpyF5jXGEkfhQqTofxJcuw

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 style.css
s0.2mdn.net/sadbundle/6097948873975918132/300x250/css/ Frame E541 499 B
290 B 10ms
9ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981a2ca896313448334b155c40c75f1bcd39918b5aefb820415fa142834ec0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 261
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:51 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/ Frame E541 68 KB
68 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/bg1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbbdfd3cc8ecc010a5a3c55865a859b44008d80f04627faefb09e726139d0feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:51 GMT
x-content-type-options: nosniff
age: 158219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69347
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:51 GMT

GET
H3 200 legal.png
s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/ Frame E541 4 KB
4 KB 14ms
10ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/legal.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981733af320237e1b71663066c5741539c54a8883268bb5e429cb49642f275cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:51 GMT
x-content-type-options: nosniff
age: 158219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3666
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:51 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/ Frame E541 41 KB
41 KB 16ms
12ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/bg2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0218a32b5c20abf439b8b39ba5b3179019d0d3ad9183ca89bd9ae662fc959f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:51 GMT
x-content-type-options: nosniff
age: 158219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42054
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:51 GMT

GET
H3 200 legal2.png
s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/ Frame E541 8 KB
8 KB 18ms
13ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/legal2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49484c10289ade69f6793b62747c2853739f9b850609c85bd271b0eb43724bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:51 GMT
x-content-type-options: nosniff
age: 158219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8465
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:51 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/ Frame E541 2 KB
2 KB 19ms
14ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04a10b98a122cac304f213200a1338aa7b0c7aac308f831b9bb377be6368a6f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:54 GMT
x-content-type-options: nosniff
age: 158216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2234
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:54 GMT

GET
H3 200 yellowBox.png
s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/ Frame E541 679 B
706 B 19ms
14ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/yellowBox.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0520780a52a9dc8a8db00c8afe179461d1dd9f4a369bd11c299e45b64aba6dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:51 GMT
x-content-type-options: nosniff
age: 158219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 679
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:51 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/ Frame E541 4 KB
4 KB 17ms
12ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aac0db71b09b09fade52f1d6e2cefdff67af34d335855a0d99c8d29fe9c5632b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:58:51 GMT
x-content-type-options: nosniff
age: 158219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4039
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 13:58:51 GMT

GET
H3 200 tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E541 105 KB
35 KB 23ms
17ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35824
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:01:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Jun 2022 09:55:50 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/6097948873975918132/300x250/js/ Frame E541 1 KB
428 B 189ms
185ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/js/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61373cb0fa602b4572dde5327f834507ac30f6254df36fe0feab0f03cd02bd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6097948873975918132/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 400
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 11:56:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 09:55:51 GMT

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame 8755 36 KB
13 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 09:10:06 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8755 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAuB_JnO9YtOhLa3U7_UP_Pqs6AIAAAAAOAHgBAI&bg=!AgGlAUXNAAaLlKKnq5Q7ACkAdvg8WkriNzJv3z0GoDa7YjsZZ6adnQKeovz4V0WcwBdqjoxUSC_blwIAAABjUgAAAAJoAQeZAylLweNd1m56tTgyr25tX4WX2tbEZB9WOAZypFSJYWlI6FAa6m7OkqN00INtIDX2UHth3Fq08wcbl-OT3_2_e2GHhbgXcwgN5agOJ4DGTjn9165tBpsjuUYtgdYb4-ciXM-_mYH5nar8j97WcXhlxQlrUWEAa41PCoOAk2t-bNndp_Yoy-BD77j_gMbau9fsbyLOoq5KM1Qd6QNc4YQyEyR4bXrtdHC2sLy0uipI7RH6TtuyjtdqMS3KyYxl5LcZHaT0U2HQI4268Y68OGkn8wDl0-jBmlUWXNyg_iNU71_haA9JBUnvgV69_3SHAPEeEw2OOgnAQnjhBLHOBASorfKbX_FWpWcgo_gOesQyTTaawE1EDSbplfb15eQoxXTTSBAefnXvPjl2kdyBWV3GS1K5-zLDAQKDdt5H-DKgWW1fC0cf3No1IlhLGE6K4enzkml2vbf9uoyuy3qEGqLaKKm6AnYoaGpDzs4NtS8ZYd73Y6zEcnMmg2fjeKZPcl-WCjsLsiW1F9aAjOfAGVawPLMf8XId7qgYo3EoEw6qJcjVqNdj_EeZEBoogIXB-fNw-VxDE2-vpMzmnFgBU_PbBAQzhKhjddyWAtAAHpIA14DRuwe9vW-2f4F6e_AB8RGp0lPb8wglQgoH8iq15rOBf_E2_-Mea94BgQiwZWCfPQ45Br_MUOWUZLvAzIjVALDoMCGqn4iYiQldzUpi-KJdJ9oY14aZApQBffDjMtpWo4vYYlbZBTHx3Y6G0aMtrDdHD-OIvobPfEyj8-isYMAckbvYqAWpoGnMAR4q36I8MG5qksVMg3MK8PPt0qsZeNGLyI3iMYVKRme9FNMEYiyAjEKA6_w3-mf_NONZI3ifDv7X9KJYCZ16j8HRdaP8u-0bKhuFqZmdS_vWTlEsFh9lbxsJbSHhkcFO824fhGF57hN6z8kaBDgUoel-mzA1gSRLmq7M2ZLiaQTT1DFUbeHy-tzMkiHIlwUEpyyJWfv3KDmffFlaauyh5sxWYJn-ju-vf9TFtvXeGlX5x-K9ZSA93bEO0T9sRjGMcWESTVsfOFW-_ota_jL0KfbESQ

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8BA1 0
26 B 44ms
43ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst05oUUa609-xPdJ2QJEeSUORPH7PnnBDC4gzYKhKoZOLHspLis5z_ojK_2fTcldia-3hyPkeFsPV78uCE49sZbBgejdsisG8koln95_y_Uj0cd1oNElXOxgpBxy8Rz8SLwR_pSEANHRtrANuJNZD901COWr_KUAbMbR6CQw0jprGn3b5KLsmzWMW_xdbAUNpcEgxROHfWfypBi0ciwHESs3QJkeutp_T_Vt9OxV_ez40YmHA1gsH7l3wnW-F_K415AJNqG4Etdiv6WZ6WtUIIjgRekUuEMdatZbexRN_aSw9xZhwYcsKuAcd6ZHNaBewPxWB8ilVbCIjfY8pRY7X17k2yqs5vpTuK7CRL64BQ1dKm7tnbCmTd32uWNtaizZrPRZBXGnMYXT35DmwvrhjvmczIX1HzTX1czsYZjbZQpC7t13xNdb4Ku4OPIVfH5ze1hLkQjAIVR7A9oOKE7Dka3sEUGfqRDi-4WXBil72T5mCGaXSeUqTamHrQ2aczAuZ4bWLqAE6X6FXdSzPJX0tjFqdKo-_Shz_zrfbmSfo-gvpMUkElsG6GWwSOIfZQYxxctWtkPytDDhYfKu8RGqy_KeLeqAuFLwSbssXZ_zPXh6LOarzGdZtIt-_izNAsnstUdGq0c0cWRHyUNRacDSPJma9yCDRRHZVzw3_s8FBk1jVbSb7DjKkqi4MDFz-AuabckJEMNFv0MCOH-KkukazT-99g9C07267mC--YGmQD8iDYraj0foSGuSLS83BiWoQWUPIkEoj1nw4RtONxZJRb62R0oSRKPbP_GKgOjfiRbO_O_p_6TUE8d_9gu4dYVyQVhv1q--vdHUuv7EgF9tjK2tJu3omLwS7j79hpcgVjiAShavBOCIvV0Zzsfw1WilWOVLRAHEAkL2Cb3_byNs3h6PyfUTmNJHiSE3YsYnWdcYYjqUUVAN5HURgV_JO3utmOmylzK1A3PvxngBKn8CbEjo4iNePIkFuBdhSKsntxSPvbCv4TyouvDuYBYu3NUV8RaiN6-lbQ936VkyPtXgp3nOkD2VwWed9s6YEG77Pb9pmr66DmuMLDdzwv-iVGtxXgy-1WzoPDqQbulRYcoOMKYaT3Xa36z2efG4-COk8C2RaZCesPxQZkMh6UwG7ZM8jR1oqtRMjnartjjU2djscIJYeFHGvHPxsvguhGaV_-ZkeqPxMoaVhO_CeGcXkoPaFr3wCFHLZBv8NspO6j_YXzWNppfQVr_8cDBGEI&sai=AMfl-YSJBcEa34WrQUibcSG9mfTZdBpPiNkXrrFICQAG7T8hjB9aZjHbbE6CzckZX5LBztrUII59m28xlKtJIDQ45iRKCort4N7CEr95USS1Q17-eGzUnPph1efWqowp1kDZUTGXbwb4L6xyK4ZC68ZdPWm6uqndpYKZ-qk2S3SWhIWIYz7-qzx7TUivuVN7rJW9uCfOBRRN6PmJvzoDSHj_2Q&sig=Cg0ArKJSzFCRiJfP93CUEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=299&vt=11&dtpt=245&dett=3&cstd=52&cisv=r20220628.26552&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D1C0 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orientaldaily.on.cc/content/%E7%94%A2%E7%B6%93/odn-20220630-0630_00202_035/%E6%B8%A3%E6%89%93%E6%93%AC%E5%86%8D%E6%95%B4%E5%90%88%E5%8D%B0%E5%BA%A6%E8%B2%B8%E6%AC%BE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:55:44 GMT
expires: Fri, 30 Jun 2023 09:55:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7853 640 B
316 B 19ms
17ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLeq9sUBMAE&v=APEucNXK50sdW1VR1x_PFnIMSoAt1Wg_J6ZgUxJ9O8-2fHV7KhZJnb6MNbn_lKFUh1HoniVx4nxzk0x__k2aRJ_nIUKtCkcN-GtbUZh-ugM7dTtGrClHG2hySEsNOcEFOHOxsMeMtT9Derq5NNkXwySke4JWMyhWu2zfyH6hWpItB3kroLkgbAs

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:55:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D1C0 83 KB
34 KB 65ms
62ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DI5rvpLx_Glu1AcefDmdF5xpXkZOSmoPCUbvhF38HDlLjporiZX_ej8ROggAzRYIyKYbRyIZss77Is3kae5bx6meUnuJGy-nE_Yd0KLl-PYXEkHySgtbgLC-A-scjniHbTC1mmhmN8haQwMtPJBWLbqw8tHA&dbm_d=AKAmf-DLQirmN13p1euTDkj7Ma0WD08Qzw-JNrbG69ZgUKq47HKZy-6mnGgbi-IeSY8dX-Vy1_5Ba5e9xxtidUCEYgp7nvmBFSTTA7hM-_I1oNU8vCd8F-CCDrhJ7wSj7Z28NX7PLywFqhPW7R1UZ9N3BxaSv3jU0j07zf19e6V1UA1JxVR911OoXZzEvwLrCYu8EeKL1aCZ8D-9LZbeRc5mlMd6tR72LWMtn7RdPaie77hydlZGlgTvCVPD4T2tjnGl1dTBQWwnMNus_waFb_k_CsP19AM8nqoTiTRcN8Gr0_SV59YEwj55yTOidTNIf98JYBj_FQNd3ry0jTc8dOn9q75UuoYa_h4FmScSqbIlY4cis7J5-c2t1YpHidmGwG9Kv2xuf90E8CfDfVKkEWQABCgX5JpK9pnojhkGWnMQqjh7Rf8lE0kLEnhwmS8q6LFxcBlEG3L7PXw2XiOCPEOHBioBTzMQvqp-nCcz3TuiuwJqrU1QrpuTV2GNrI_GEmB-8kkBOiFA5JGFVYVo0SYRdp6Fv1aPKBZ-K7Xzdldsj3tLDYWqfMGq8yDOmFitwkG9nAUCS41p5ezmPMia4R4XITK8JyK7qseEVOQN-7EFwYDQc8L8dX6MHyVWT6Iyla6_aYzuXaewEWUh8lsyPuFE-RBMV-s-lI-2Da-qHIlv8lBI3CXkwbBl-ErA6URoMhK5nxjsiMyBqcC4urznVrLVPs3BFpL-aXUSxGhn4iS2pYGW6bjvwoec2wit5dTlNkBH4lTvsKwRP-Ju6syzDBijJ4JSZn51JqQbDax8oFTG6wbvgtnx6_D7HpBGgNeLQEJQem2hEiRvywAXe8_nfd7GIAV05ZgD895uP_ux1bSTlsOkH6vgKBuORgfHkDqtKyytD11rX1Dly8hb_OyaRh8q7UGZDl-OBV9xaTWutZhl8GtczFFJpP18epXnsUJnBfdVXch08_tTKkA44y0CXzOeTLGqOu4mPehorVwbMJvkigHGdhf1btC2wh5jGLRw-bys36DLvnA_CG3AjVtVCRCHnfd2U3McTSOs8P7gG4feT10QrvGh7H2ueJd9cQiKIyzoc9NipDxxlcUdG4ssd1IhNEUQG0B7G3aMGOjYVnsdB_KRngLBWpomLR27I-Eua69OR9Pnhfhc3SaEely68mU3xSDbjm6kx7dzuh4Fx-I_C78qHWWk1rXJQDHvaURBn2PJCs1fp4Npp-d2vU7o5ZFfkIZb6Mb01vnM9H0yP6vaaxPhMrFTEzScxp8GPbG9UQMuVdeb009jnZiuHNtLPoqUlZKY3QfsSP2Jk00ahsxl7lBEf6xe1-YN8bgfs3ycMuV1x3JmRs-7rPF5pKwlt844vIe7fubylaziresdv0z07mCgLoHcVnfF511JKe_un60fZwyk-kvHZ0ef_ZrZOFwxfT6ObdQMwHducL1DecnatCvO9Fga5I7nyF4-XDHjkJSXgGSL5M4dGr3rx4jeJlNB_2HwzX79nr35IrovZShF7EVJY1T-ivnQpU0jUtghbxE5Z2eWvVxiPOz6N8erMJ6JlWdoRYiJkPHOYu70FCi409IWTYgaJa3s7dWQ3Bdufg1SqIypUDgONtj-5avMi5O----eT6Y9vRZe05mG6vFD0HmWZJE0ERcbU1Qn2wHTRJXha-bAvumq_MR6s1ufn7axIGzutiWkDyD6e5P3QNEc2ZluEJQbE7BcP42Lhl1UFGz8Srx_1E7Pgy-tiQbks8SdltwUP7XxImP14QdATgGRHtkHHFkBVR7LtpwaAOjo-nU_3BAf8sP6GMt3lktBpONgoEG2ae98dp6Z1pyWF7UwyEGZ7eFfsFhvLzIzEswL-FgViFp3Ybg7xL9nrt8UeofWUWNvn_nMwn1oyiMAU1ia8DaREP2USfRg-xsOXUcfdAH-ddu_ghYgWSTTeYxNUcao2IRjfGXvmAjg65Ogx2ffLcYeUXby1_pq5cRy_sTw03QZz-K2VQAGbmLGj7ENKprznj7uGXqqoHDVPbolpP_9NLh4chrr75Y6GWoe2zulN7c-J6FIdTO9RCJjf2itFwkVlDAtqdQdU1NprQdWTHDv78Aq3kJy_6nTwyZOar-fZWW9vcTQzqHqO_U1pZ1vYYso1VN1gjjwkf99Qb5CQM8XyDiqEArSmzPbs80FJE1DedrfY8T8-jdnmiS5dfnrDps-GCBmbSOSKpIftIsDt53gFmlkk06dvTrMk4QlODOCYypTO4KSq8I3dpbZVo5kwyHctvyfyHldN46vnD2UhHwbxA3Lfw4Z-NY_SUYngIskXHOLx4jEYb3kB3iKAxFFcWilAhUF8DvzkBgLxJ0T-t95KtKoISwxziYc5Hs-ZUEJnVVQ4LhUzLxlyFIGk1vWFAFCtmnvu4T2d4cLvGdykbteP0LJ8BOALk8kJHFi-EPlCR2Jo65GPiX5Z1NJScnbKXNG3Xl0ssCtUTuhPaBUCkmmTRqVBiUTc7ppuD9ozhdmSV52zRx-pA8e8_ii4rJvJjKqiTy0zPijTyNb5k3rNu3UFsQ3FyxibAFvP-pospmCJt0S_ozcGGA2rZKhvaBCGBv_rOWllJhWAE-Ejvgz4yO6V_m1VF1eNXxcQtjiQLnHhNYkLCHFRBRTvquGoRanKjbxH2Cw56-mC43_UsEY1JSnHuwnRhQzwqNZ030z31zJzDSWApMyEdpbDBPVoHdg3wLIy__v63XQxxwPKSoHuLy7qGxWxFYjlviGJEkA5lBHhqRJ7hOjYNBF21HACFl7K9zuP6v1aHEjudJhHTHNwqj9a3q-PCKce2Chx3djF_jAppLsKFSriuqSRdfdq1hfBdgDAIuwD6X4R5S_io3y5zc8iwZJcmIjm0e29H2riAgUHTU7PSJlFLD0iPgY-TTLGmgQcdQA-r5eF9Speqej6DKbVhVTjpgFiD0e4lRqVH4-LTma86-dLSlgSPEHt1ZAUSHKUHok1Hm9z7vx1QI79vob9PC6YjTRofH2dB0AeIl16OZ1TMv6IeniS62K-FQacJKZvT4hjJvgZMzzPrgv-GiGYJz4JfnumG8TTb3-uD-Gy-e-8J9E9YX7FBxb8ypgJtCqhLh95SktCyxAs1GhavMfgA44NW0tepgoZYxbw08mnQMMh5Tqi-D2SNuETIyhQHPq45sOneq_XmJsrjDaQT_lL6QDxFdIAicLzfK7FrS4N1_ZZdg4eW-KMwr-hXqOUikqHjvTCzJS8kBonSRdLLW8itgfZ-QDNTs&cid=CAASJORomuiCa2nqZH43iv0Uan31Al_oQxwXy0LqYV6vG9gUQjjyXQ&rfl=1%2Chttps%253A%252F%252Forientaldaily.on.cc%252Fcontent%252F%2525E7%252594%2525A2%2525E7%2525B6%252593%252Fodn-20220630-0630_00202_035%252F%2525E6%2525B8%2525A3%2525E6%252589%252593%2525E6%252593%2525AC%2525E5%252586%25258D%2525E6%252595%2525B4%2525E5%252590%252588%2525E5%25258D%2525B0%2525E5%2525BA%2525A6%2525E8%2525B2%2525B8%2525E6%2525AC%2525BE%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25cf30228770e3ab680486fb93fbd48d79513d37a98a4a9260671252c576da14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34721
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D1C0 42 B
63 B 42ms
39ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BonHwAOqA6OyFap8Tm2QA7kTUESO12YvMrMXTugkS7vy9gxEVtmMaMvyHgdOY0ZlKWKr41JOe255M7WNsX45meSfl1AtR0TIpaKDOCf_yYYXMnwaM

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame D1C0
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/999585/61793184/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=27619585&ias_pubId=pub-1862194061110379&ias_chanId=1&ias_placementId=174883...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

43 B
483 B

48ms
7ms

Image
image/gif

2600:9000:2156:c000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:2156:c000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
age: 28316477
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: nR1I_HFCsjr4NvGN8KTyHaq1b--zJHjFykcbAW1SnkPuRKwIYqFtzg==

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:51 GMT
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control: no-cache
content-length: 0
server: nginx

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame D1C0 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/window_focus_fy2021.js

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:51:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:51:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D1C0 138 KB
42 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 09:55:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame D1C0 17 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:55:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D1C0 0
0 20ms
19ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5UNQn51wIEaegcoNtwH5HrPpD477ysq31i8J9F8wDkeKCGrYNpLjiuysCpNpU0aQ4Z2Wl-vV8iG7WbJpS4d-PmW49NA
Requested by: Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7853
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHFXX8if_pa4qG26vt9Ae0M&google_cver=1

43 B
114 B

28ms
23ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHFXX8if_pa4qG26vt9Ae0M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLeq9sUBMAE&v=APEucNXK50sdW1VR1x_PFnIMSoAt1Wg_J6ZgUxJ9O8-2fHV7KhZJnb6MNbn_lKFUh1HoniVx4nxzk0x__k2aRJ_nIUKtCkcN-GtbUZh-ugM7dTtGrClHG2hySEsNOcEFOHOxsMeMtT9Derq5NNkXwySke4JWMyhWu2zfyH6hWpItB3kroLkgbAs
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:51 GMT
via: 1.1 google
server: OXGW/7f1e280
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHFXX8if_pa4qG26vt9Ae0M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 7853 43 B
306 B 46ms
22ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLeq9sUBMAE&v=APEucNXK50sdW1VR1x_PFnIMSoAt1Wg_J6ZgUxJ9O8-2fHV7KhZJnb6MNbn_lKFUh1HoniVx4nxzk0x__k2aRJ_nIUKtCkcN-GtbUZh-ugM7dTtGrClHG2hySEsNOcEFOHOxsMeMtT9Derq5NNkXwySke4JWMyhWu2zfyH6hWpItB3kroLkgbAs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:51 GMT
content-encoding: gzip
server: OXGW/7f1e280
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 7853
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEMDVV3v1fDy8A933qEfXFVs&google_cver=1

23 B
172 B

84ms
35ms

Image
image/gif

104.92.106.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEMDVV3v1fDy8A933qEfXFVs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLeq9sUBMAE&v=APEucNXK50sdW1VR1x_PFnIMSoAt1Wg_J6ZgUxJ9O8-2fHV7KhZJnb6MNbn_lKFUh1HoniVx4nxzk0x__k2aRJ_nIUKtCkcN-GtbUZh-ugM7dTtGrClHG2hySEsNOcEFOHOxsMeMtT9Derq5NNkXwySke4JWMyhWu2zfyH6hWpItB3kroLkgbAs
Protocol: H2
Server: 104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-130.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:51 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 30 Jun 2022 09:55:51 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEMDVV3v1fDy8A933qEfXFVs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 7853 23 B
172 B 99ms
31ms Image
image/gif 104.92.106.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLeq9sUBMAE&v=APEucNXK50sdW1VR1x_PFnIMSoAt1Wg_J6ZgUxJ9O8-2fHV7KhZJnb6MNbn_lKFUh1HoniVx4nxzk0x__k2aRJ_nIUKtCkcN-GtbUZh-ugM7dTtGrClHG2hySEsNOcEFOHOxsMeMtT9Derq5NNkXwySke4JWMyhWu2zfyH6hWpItB3kroLkgbAs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-130.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:51 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 30 Jun 2022 09:55:51 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame D1C0 170 KB
59 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
Origin: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 12:00:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78937
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Jun 2022 12:00:14 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/elements/html/ Frame D1C0 8 KB
3 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DI5rvpLx_Glu1AcefDmdF5xpXkZOSmoPCUbvhF38HDlLjporiZX_ej8ROggAzRYIyKYbRyIZss77Is3kae5bx6meUnuJGy-nE_Yd0KLl-PYXEkHySgtbgLC-A-scjniHbTC1mmhmN8haQwMtPJBWLbqw8tHA&dbm_d=AKAmf-DLQirmN13p1euTDkj7Ma0WD08Qzw-JNrbG69ZgUKq47HKZy-6mnGgbi-IeSY8dX-Vy1_5Ba5e9xxtidUCEYgp7nvmBFSTTA7hM-_I1oNU8vCd8F-CCDrhJ7wSj7Z28NX7PLywFqhPW7R1UZ9N3BxaSv3jU0j07zf19e6V1UA1JxVR911OoXZzEvwLrCYu8EeKL1aCZ8D-9LZbeRc5mlMd6tR72LWMtn7RdPaie77hydlZGlgTvCVPD4T2tjnGl1dTBQWwnMNus_waFb_k_CsP19AM8nqoTiTRcN8Gr0_SV59YEwj55yTOidTNIf98JYBj_FQNd3ry0jTc8dOn9q75UuoYa_h4FmScSqbIlY4cis7J5-c2t1YpHidmGwG9Kv2xuf90E8CfDfVKkEWQABCgX5JpK9pnojhkGWnMQqjh7Rf8lE0kLEnhwmS8q6LFxcBlEG3L7PXw2XiOCPEOHBioBTzMQvqp-nCcz3TuiuwJqrU1QrpuTV2GNrI_GEmB-8kkBOiFA5JGFVYVo0SYRdp6Fv1aPKBZ-K7Xzdldsj3tLDYWqfMGq8yDOmFitwkG9nAUCS41p5ezmPMia4R4XITK8JyK7qseEVOQN-7EFwYDQc8L8dX6MHyVWT6Iyla6_aYzuXaewEWUh8lsyPuFE-RBMV-s-lI-2Da-qHIlv8lBI3CXkwbBl-ErA6URoMhK5nxjsiMyBqcC4urznVrLVPs3BFpL-aXUSxGhn4iS2pYGW6bjvwoec2wit5dTlNkBH4lTvsKwRP-Ju6syzDBijJ4JSZn51JqQbDax8oFTG6wbvgtnx6_D7HpBGgNeLQEJQem2hEiRvywAXe8_nfd7GIAV05ZgD895uP_ux1bSTlsOkH6vgKBuORgfHkDqtKyytD11rX1Dly8hb_OyaRh8q7UGZDl-OBV9xaTWutZhl8GtczFFJpP18epXnsUJnBfdVXch08_tTKkA44y0CXzOeTLGqOu4mPehorVwbMJvkigHGdhf1btC2wh5jGLRw-bys36DLvnA_CG3AjVtVCRCHnfd2U3McTSOs8P7gG4feT10QrvGh7H2ueJd9cQiKIyzoc9NipDxxlcUdG4ssd1IhNEUQG0B7G3aMGOjYVnsdB_KRngLBWpomLR27I-Eua69OR9Pnhfhc3SaEely68mU3xSDbjm6kx7dzuh4Fx-I_C78qHWWk1rXJQDHvaURBn2PJCs1fp4Npp-d2vU7o5ZFfkIZb6Mb01vnM9H0yP6vaaxPhMrFTEzScxp8GPbG9UQMuVdeb009jnZiuHNtLPoqUlZKY3QfsSP2Jk00ahsxl7lBEf6xe1-YN8bgfs3ycMuV1x3JmRs-7rPF5pKwlt844vIe7fubylaziresdv0z07mCgLoHcVnfF511JKe_un60fZwyk-kvHZ0ef_ZrZOFwxfT6ObdQMwHducL1DecnatCvO9Fga5I7nyF4-XDHjkJSXgGSL5M4dGr3rx4jeJlNB_2HwzX79nr35IrovZShF7EVJY1T-ivnQpU0jUtghbxE5Z2eWvVxiPOz6N8erMJ6JlWdoRYiJkPHOYu70FCi409IWTYgaJa3s7dWQ3Bdufg1SqIypUDgONtj-5avMi5O----eT6Y9vRZe05mG6vFD0HmWZJE0ERcbU1Qn2wHTRJXha-bAvumq_MR6s1ufn7axIGzutiWkDyD6e5P3QNEc2ZluEJQbE7BcP42Lhl1UFGz8Srx_1E7Pgy-tiQbks8SdltwUP7XxImP14QdATgGRHtkHHFkBVR7LtpwaAOjo-nU_3BAf8sP6GMt3lktBpONgoEG2ae98dp6Z1pyWF7UwyEGZ7eFfsFhvLzIzEswL-FgViFp3Ybg7xL9nrt8UeofWUWNvn_nMwn1oyiMAU1ia8DaREP2USfRg-xsOXUcfdAH-ddu_ghYgWSTTeYxNUcao2IRjfGXvmAjg65Ogx2ffLcYeUXby1_pq5cRy_sTw03QZz-K2VQAGbmLGj7ENKprznj7uGXqqoHDVPbolpP_9NLh4chrr75Y6GWoe2zulN7c-J6FIdTO9RCJjf2itFwkVlDAtqdQdU1NprQdWTHDv78Aq3kJy_6nTwyZOar-fZWW9vcTQzqHqO_U1pZ1vYYso1VN1gjjwkf99Qb5CQM8XyDiqEArSmzPbs80FJE1DedrfY8T8-jdnmiS5dfnrDps-GCBmbSOSKpIftIsDt53gFmlkk06dvTrMk4QlODOCYypTO4KSq8I3dpbZVo5kwyHctvyfyHldN46vnD2UhHwbxA3Lfw4Z-NY_SUYngIskXHOLx4jEYb3kB3iKAxFFcWilAhUF8DvzkBgLxJ0T-t95KtKoISwxziYc5Hs-ZUEJnVVQ4LhUzLxlyFIGk1vWFAFCtmnvu4T2d4cLvGdykbteP0LJ8BOALk8kJHFi-EPlCR2Jo65GPiX5Z1NJScnbKXNG3Xl0ssCtUTuhPaBUCkmmTRqVBiUTc7ppuD9ozhdmSV52zRx-pA8e8_ii4rJvJjKqiTy0zPijTyNb5k3rNu3UFsQ3FyxibAFvP-pospmCJt0S_ozcGGA2rZKhvaBCGBv_rOWllJhWAE-Ejvgz4yO6V_m1VF1eNXxcQtjiQLnHhNYkLCHFRBRTvquGoRanKjbxH2Cw56-mC43_UsEY1JSnHuwnRhQzwqNZ030z31zJzDSWApMyEdpbDBPVoHdg3wLIy__v63XQxxwPKSoHuLy7qGxWxFYjlviGJEkA5lBHhqRJ7hOjYNBF21HACFl7K9zuP6v1aHEjudJhHTHNwqj9a3q-PCKce2Chx3djF_jAppLsKFSriuqSRdfdq1hfBdgDAIuwD6X4R5S_io3y5zc8iwZJcmIjm0e29H2riAgUHTU7PSJlFLD0iPgY-TTLGmgQcdQA-r5eF9Speqej6DKbVhVTjpgFiD0e4lRqVH4-LTma86-dLSlgSPEHt1ZAUSHKUHok1Hm9z7vx1QI79vob9PC6YjTRofH2dB0AeIl16OZ1TMv6IeniS62K-FQacJKZvT4hjJvgZMzzPrgv-GiGYJz4JfnumG8TTb3-uD-Gy-e-8J9E9YX7FBxb8ypgJtCqhLh95SktCyxAs1GhavMfgA44NW0tepgoZYxbw08mnQMMh5Tqi-D2SNuETIyhQHPq45sOneq_XmJsrjDaQT_lL6QDxFdIAicLzfK7FrS4N1_ZZdg4eW-KMwr-hXqOUikqHjvTCzJS8kBonSRdLLW8itgfZ-QDNTs&cid=CAASJORomuiCa2nqZH43iv0Uan31Al_oQxwXy0LqYV6vG9gUQjjyXQ&rfl=1%2Chttps%253A%252F%252Forientaldaily.on.cc%252Fcontent%252F%2525E7%252594%2525A2%2525E7%2525B6%252593%252Fodn-20220630-0630_00202_035%252F%2525E6%2525B8%2525A3%2525E6%252589%252593%2525E6%252593%2525AC%2525E5%252586%25258D%2525E6%252595%2525B4%2525E5%252590%252588%2525E5%25258D%2525B0%2525E5%2525BA%2525A6%2525E8%2525B2%2525B8%2525E6%2525AC%2525BE%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:49:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/ Frame D1C0 27 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:51:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 09:51:27 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D1C0 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 06:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100538
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 06:00:13 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9ED9 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Fri, 01 Jul 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D1C0 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86bb9a3fa5580e06533f514d0c74c7529b19ae54faff68715933d62e25e87d88

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8828632559684167007/ Frame 00E9 36 KB
6 KB 16ms
15ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=4wdzicLBxf&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

748646bc30925c61574071e2cfe947ece6be153f4d4e4b5d1d192cbe2f5e6cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 09:55:51 GMT
expires: Fri, 30 Jun 2023 09:55:51 GMT
last-modified: Wed, 05 May 2021 19:27:43 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D1C0 0
27 B 54ms
54ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssaAgw2qWodFnO4KjRZNMnkLjFDgFiTWWXqpPOi7a1MH1lw0N6-BavUdRDeQTUoxQ3UC1NMD9yOOFYjgmfB_oFz76HKJekRQbV9U-AWwq0NKrG5yTPHRN50S099e3pRdPPp5_5H0OkYw1NIDXFpG_N8juKPQxgePpIsmOjqtZgLFo5TxTNaNRZ1L9CtI6HBdiyq5YHhBJCcm9C5MskWCXStpr4aP--Uib7TkzwAIuUzWkyWXGqLYFoBsaudpAW8Gl--IfgR_GW-OX8zoWX_OHyj0EemJD7hS6hAhK6RosBQLfgz1ho7DZSvTtO-K_1-oC7dq7d5YlOLloi3xWtToPZg7qIR4bXw_IlmZGFjYm05K_lMrinC6GkSKXmgobndlQb_gwavnjqJfn0aTQHpQUFI5Av10o3jny9rQywzDeCaDaEIKxStNcINYlrp14OFi6HlywU6YL1d3QKxy31NyhzXFZKLnxq_JLO8PMRE-iWaACJ93NmA97E77oGc5RgDNC_w3qu4pIyIn4VFV-uEQvYDLIDcCfhExFQPs-BKzltfGOyvFCNYUPkJOZGA_MaQKDGRxEJVFHWT8MjAqRVdRhdiO613dGS7-V9H-WD_-ImlH7Oy4IYnFxeJlrnOmXrnReaZO28yBbE2W2oSefRkYEyJqusDV0r8RsNdRdw9n19MKTaHwqYE49mLafQdbhvrYfsJVevDlzaDNIWwp9LpU01BYD1a4LjX1tffBO_9AJ9pfUV8f8fix5a1CGeWPAb9-VwzA9YNy8FAPoBWA2cD3lSygIeu8GSPBxMnRXX8pMGKPjAgeXAz5aYFi58ALZHvI9OAot78_7qRLZU5b7OYnfticcSW5P2i6Uy0pTmBWeiyzdczhDmd0g1vDpuDuAHIALq2YFGD8R8C81HTtTn8vrzn26480SZ0-MMMrvtbFwGtml-VU1PvwlLVHSiPfiIfP2mpMx9fSlDpHlrBgxTkquqI5f91RrM1AhzmwTuX0lXn6Wp6BoB8dKFwQ_xms0ZL2wE9l102DHPdR7XpyW4QGtPS_Ff_mlSM8JV8Sw96iTRnPVnHLfbn3hdOvT4yNXdtPyqvPXXEkL-XuW2mxMFoDdMKCfGlWtrHfJCllZVlpTKRmdxptRsZdQZpwtfE3F7st9hMtGnuqLRF3v2gtIVkLQQVNHzlMFT_DV9xmOS85DD33DGHwOQCdM4tNetCh3kh173Cr7wy-TuwUZNjAgfX9A&sai=AMfl-YS080ftAaqXoDqtg7UgrtjiD59uTuOcgfUZeIJji95kqxJgwydLFLLpFzqTPmbz8xvUGjkPp1Bsm34icdJqTXA6mPBM9N-L1SaJz4-EKaA9uYkFhTSRSo9sLVnnIfJ6IX5fOjSHnMo4ybzLlhyUNsYcyZLd2WvWzhfv4B3yGxxdFjEiUhhmyQMeD4aeYtdHBR7-Z3Y6mUw1CDV-5FIpkg&sig=Cg0ArKJSzFvJ0E7_vIypEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=66&cbvp=1&cstd=59&cisv=r20220628.06882&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 30 Jun 2022 09:55:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame D1C0
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=332080882&d_campaign=27483059&d_bust=180956963&gdpr=&gdpr_cons...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=332080882&d_campaign=27483059&d_bust=180956963&gdpr=&gdpr...

42 B
964 B

141ms
140ms

Image
image/gif

34.247.9.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=332080882&d_campaign=27483059&d_bust=180956963&gdpr=&gdpr_consent=

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

34.247.9.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-43.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v035-0de2c5bef.edge-irl1.demdex.com 7 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: gELMmxCpQ5w=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v035-0f0f97c73.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: nHwAkTx1TD4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=332080882&d_campaign=27483059&d_bust=180956963&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame D1C0 43 B
1 KB 76ms
22ms Image
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=27619585&extPm=415077687&extCr=17488356385&gdpr=&gdpr_consent=&rnd=180956963

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.8 Herrischried, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Do, 30 Jun 2022 09:55:51 GMT
Server: Microsoft-IIS/8.5
Date: Thu, 30 Jun 2022 09:55:50 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5E22 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 242281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 14:37:50 GMT
expires: Tue, 27 Jun 2023 14:37:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9ED9
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAYvD8_sLR_TioQUz2_LBV4&google_cver=1&google_push=ARnp8GDFmUdHeLozXPvHP56jwPPb0E6X2lcGTTJj-Op0cP1HI96JWRw0Et8Wt09M1fFVlNnx4MIz7OYLFrwLihJPEgFgmRpSOxoevQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA2Njg1ODM4NTYzMDEwNjY5MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK0vPgN04MjX9HEbL7NfFZs&google_cver=1

43 B
398 B

159ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK0vPgN04MjX9HEbL7NfFZs&google_cver=1
Requested by: Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:51 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK0vPgN04MjX9HEbL7NfFZs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9ED9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENVJ1vvR-y4CvOlReAEITR8&google_push=ARnp8GCoAJcgecB0Mly3-oduZx50j7fbIZFCsZKq8rDKASte--_2DRU-ps...

170 B
188 B

20ms
19ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENVJ1vvR-y4CvOlReAEITR8&google_push=ARnp8GCoAJcgecB0Mly3-oduZx50j7fbIZFCsZKq8rDKASte--_2DRU-psKF76qmKPBRa2x2BMmTpp_pvyLhzbx18qOrCzn1kvCZow

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:51 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1656582951.456359,VS0,VE89
x-served-by: cache-hhn4051-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENVJ1vvR-y4CvOlReAEITR8&google_push=ARnp8GCoAJcgecB0Mly3-oduZx50j7fbIZFCsZKq8rDKASte--_2DRU-psKF76qmKPBRa2x2BMmTpp_pvyLhzbx18qOrCzn1kvCZow
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 9ED9 70 B
265 B 104ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOR8TK_G_yKjuiErXo3Dc1o&google_cver=1&google_push=ARnp8GCc7_TxKZ4DgUBvH7HwzrEuRXQg4NfdIH4fcaXRnoONDLJTQ1a-ampBfRrc9Hz7tDYhF8LzBqoHex9BrNV15qjuWJ6bqAZNyw
Requested by: Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9ED9
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEH9p0VFK0ubSTND931jfRCo&google_cver=1&google_push=ARnp8GB3hNTtYBElwGU1Bqv2puRC-9wJIVLGkioa2nGnrpbK71rLPkk3AGdTC9Auc4hqSfNnh_LWHv83meyM4pANUhOk...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEH9p0VFK0ubSTND931jfRCo&google_cver=1&google_push=ARnp8GB3hNTtYBElwGU1Bqv2puRC-9wJIVLGkioa2nGnrpbK71rLPkk3AGdTC9Auc4hqSfNnh_LWHv83meyM4p...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ARnp8GB3hNTtYBElwGU1Bqv2puRC-9wJIVLGkioa2nGnrpbK71rLPkk3AGdTC9Auc4hqSfNnh_LWHv83meyM4pANUhOkzywP4GmP5w&google_hm=hfVemkkjTtyc72dqKnvkgQ==

170 B
188 B

22ms
20ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ARnp8GB3hNTtYBElwGU1Bqv2puRC-9wJIVLGkioa2nGnrpbK71rLPkk3AGdTC9Auc4hqSfNnh_LWHv83meyM4pANUhOkzywP4GmP5w&google_hm=hfVemkkjTtyc72dqKnvkgQ==

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ARnp8GB3hNTtYBElwGU1Bqv2puRC-9wJIVLGkioa2nGnrpbK71rLPkk3AGdTC9Auc4hqSfNnh_LWHv83meyM4pANUhOkzywP4GmP5w&google_hm=hfVemkkjTtyc72dqKnvkgQ==
Date: Thu, 30 Jun 2022 09:55:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 9ED9 43 B
65 B 22ms
18ms Image
image/gif 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEB6Yko38gT0Z26R1-Fme7l4&google_cver=1&google_push=ARnp8GCEzFf-m7HQYt4j4hxrHfPcSXt_DJcUZfH2jzn4eGGxxHf9b7QXF30_A2jYbbH1yaXPAop0IyxBbqz6zzzUMNekx3O0TBZWgg

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Jul 2022 09:55:51 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9ED9
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEMG5wiAG1c_zWGoxa8kEAvI&google_cver=1&google_push=ARnp8GBoTXYyBqjLwAZIY_KgrQqlqhXqBvT03zt4GPmZQgRFZ6c_2BPKcvasyKvIT7AahOxe_tI3V4bSydAwic1SU_4OqoN...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMG5wiAG1c_zWGoxa8kEAvI&google_cver=1&google_push=ARnp8GBoTXYyBqjLwAZIY_KgrQqlqhXqBvT03zt4GPmZQgRFZ6c_2BPKcvasyKvIT7AahOxe_tI3V4bSydAwic1SU_4Oq...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GBoTXYyBqjLwAZIY_KgrQqlqhXqBvT03zt4GPmZQgRFZ6c_2BPKcvasyKvIT7AahOxe_tI3V4bSydAwic1SU_4OqoNNd2DQ3g

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GBoTXYyBqjLwAZIY_KgrQqlqhXqBvT03zt4GPmZQgRFZ6c_2BPKcvasyKvIT7AahOxe_tI3V4bSydAwic1SU_4OqoNNd2DQ3g

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GBoTXYyBqjLwAZIY_KgrQqlqhXqBvT03zt4GPmZQgRFZ6c_2BPKcvasyKvIT7AahOxe_tI3V4bSydAwic1SU_4OqoNNd2DQ3g
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9ED9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELl3__V4GDKLMUKQNwXLNKM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELl3__V4GDKLMUKQNwXLNKM&google_hm=Yr1zJClV1LElFqjpreatSwAABI0AAAAB&google_nid=index&google_push=ARnp8GCewjc5O9EW1dTBFXl1mv8mOwZOrUKsl...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELl3__V4GDKLMUKQNwXLNKM&google_hm=Yr1zJClV1LElFqjpreatSwAABI0AAAAB&google_nid=index&google_push=ARnp8GCewjc5O9EW1dTBFXl1mv8mOwZOrUKslnloRXxr-exQKiRisHfP90MltjxXcaE7hUqKJK0Ty0j3p6YHohRAEfKyXPC9gk8OSg

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUL2EZNirCdfAsWgPfmTpDpBhzExCfYRY6Q49skCxn2ArPV7QFQWsOtmP9cRFiS8N42S8jODw%2BzbmQQewzHVulAMsllLevPri38kqOW3zolQVuAzocmi%2FtbWKgeOPkHQN9sjh%2BJKgIgjBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELl3__V4GDKLMUKQNwXLNKM&google_hm=Yr1zJClV1LElFqjpreatSwAABI0AAAAB&google_nid=index&google_push=ARnp8GCewjc5O9EW1dTBFXl1mv8mOwZOrUKslnloRXxr-exQKiRisHfP90MltjxXcaE7hUqKJK0Ty0j3p6YHohRAEfKyXPC9gk8OSg
cache-control: no-cache
cf-ray: 7236075679196933-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9ED9 0
12 B 19ms
16ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I5GSdF0ZM0aggpYt49aHvnqbGwEA6uwqFbYzI5UNta-RsYmXoq7Bi3Dn7kD9qTX8puRQOP

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 style.css
s0.2mdn.net/sadbundle/8828632559684167007/ Frame 00E9 6 KB
2 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8828632559684167007/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=4wdzicLBxf&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4431ed2e1a04ff61147b043d77314af2c6711194fa816b09187c945a24be7ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=4wdzicLBxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74357
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1805
x-xss-protection: 0
last-modified: Wed, 05 May 2021 19:27:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Jun 2023 13:16:34 GMT

GET
H3 200 Enabler_01_244.js Show response
s0.2mdn.net/879366/ Frame 00E9 109 KB
37 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_244.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=4wdzicLBxf&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=4wdzicLBxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 06:57:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10689
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38072
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 18:35:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Jul 2022 06:57:42 GMT

GET
H3 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame 00E9 59 KB
22 KB 37ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=4wdzicLBxf&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1756611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21678
timing-allow-origin: *
last-modified: Tue, 21 Jul 2020 23:12:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f177643-eca3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OW1a37DfTPkNUvbfBIFgmOKkyw6FtT7zpCMa66pXtEDB7%2FCs58pheerGP65HuRU4r3Ic6nthIM2ZdoMFq8bcPoxDcQCPLsWDlEcFhfnIeLVx50JHlU3FnZoaIo2EOA7WxDS8Bt2i%2BdaJvY7ymSHFt4JF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 723607569e160211-ZRH
expires: Tue, 20 Jun 2023 09:55:51 GMT

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E22 36 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 09:10:06 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D1C0 0
26 B 44ms
44ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssaAgw2qWodFnO4KjRZNMnkLjFDgFiTWWXqpPOi7a1MH1lw0N6-BavUdRDeQTUoxQ3UC1NMD9yOOFYjgmfB_oFz76HKJekRQbV9U-AWwq0NKrG5yTPHRN50S099e3pRdPPp5_5H0OkYw1NIDXFpG_N8juKPQxgePpIsmOjqtZgLFo5TxTNaNRZ1L9CtI6HBdiyq5YHhBJCcm9C5MskWCXStpr4aP--Uib7TkzwAIuUzWkyWXGqLYFoBsaudpAW8Gl--IfgR_GW-OX8zoWX_OHyj0EemJD7hS6hAhK6RosBQLfgz1ho7DZSvTtO-K_1-oC7dq7d5YlOLloi3xWtToPZg7qIR4bXw_IlmZGFjYm05K_lMrinC6GkSKXmgobndlQb_gwavnjqJfn0aTQHpQUFI5Av10o3jny9rQywzDeCaDaEIKxStNcINYlrp14OFi6HlywU6YL1d3QKxy31NyhzXFZKLnxq_JLO8PMRE-iWaACJ93NmA97E77oGc5RgDNC_w3qu4pIyIn4VFV-uEQvYDLIDcCfhExFQPs-BKzltfGOyvFCNYUPkJOZGA_MaQKDGRxEJVFHWT8MjAqRVdRhdiO613dGS7-V9H-WD_-ImlH7Oy4IYnFxeJlrnOmXrnReaZO28yBbE2W2oSefRkYEyJqusDV0r8RsNdRdw9n19MKTaHwqYE49mLafQdbhvrYfsJVevDlzaDNIWwp9LpU01BYD1a4LjX1tffBO_9AJ9pfUV8f8fix5a1CGeWPAb9-VwzA9YNy8FAPoBWA2cD3lSygIeu8GSPBxMnRXX8pMGKPjAgeXAz5aYFi58ALZHvI9OAot78_7qRLZU5b7OYnfticcSW5P2i6Uy0pTmBWeiyzdczhDmd0g1vDpuDuAHIALq2YFGD8R8C81HTtTn8vrzn26480SZ0-MMMrvtbFwGtml-VU1PvwlLVHSiPfiIfP2mpMx9fSlDpHlrBgxTkquqI5f91RrM1AhzmwTuX0lXn6Wp6BoB8dKFwQ_xms0ZL2wE9l102DHPdR7XpyW4QGtPS_Ff_mlSM8JV8Sw96iTRnPVnHLfbn3hdOvT4yNXdtPyqvPXXEkL-XuW2mxMFoDdMKCfGlWtrHfJCllZVlpTKRmdxptRsZdQZpwtfE3F7st9hMtGnuqLRF3v2gtIVkLQQVNHzlMFT_DV9xmOS85DD33DGHwOQCdM4tNetCh3kh173Cr7wy-TuwUZNjAgfX9A&sai=AMfl-YS080ftAaqXoDqtg7UgrtjiD59uTuOcgfUZeIJji95kqxJgwydLFLLpFzqTPmbz8xvUGjkPp1Bsm34icdJqTXA6mPBM9N-L1SaJz4-EKaA9uYkFhTSRSo9sLVnnIfJ6IX5fOjSHnMo4ybzLlhyUNsYcyZLd2WvWzhfv4B3yGxxdFjEiUhhmyQMeD4aeYtdHBR7-Z3Y6mUw1CDV-5FIpkg&sig=Cg0ArKJSzFvJ0E7_vIypEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=183&vt=11&dtpt=117&dett=3&cstd=59&cisv=r20220628.06882&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 00E9 7 KB
5 KB 23ms
22ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6ff05fe97e4d8dd658504bb7a3cf78734ba2ce8ced658fe0127ddb58e295042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 09:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5495
x-xss-protection: 0

GET
H3 200 blank.png_1621953238939_blank.png
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame 00E9 95 B
123 B 7ms
6ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/blank.png_1621953238939_blank.png

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=4wdzicLBxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:58:36 GMT
x-content-type-options: nosniff
age: 53835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Tue, 25 May 2021 14:34:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Jun 2023 18:58:36 GMT

GET
H3 200 DCO_Retargeting_All_Sports_0222_160x600_1.jpg_1651676357406_DCO_Retargeting_All_Sports_0222_160x600_1.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame 00E9 54 KB
54 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_Retargeting_All_Sports_0222_160x600_1.jpg_1651676357406_DCO_Retargeting_All_Sports_0222_160x600_1.jpg

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b05af9127a7c17486b8dce561b3cb34dc6245252e546e33b6772ee518b22fdbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=4wdzicLBxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 13:49:22 GMT
x-content-type-options: nosniff
age: 504389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55181
x-xss-protection: 0
last-modified: Wed, 04 May 2022 14:59:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Jun 2023 13:49:22 GMT

GET
H3 200 DCO_Retargeting_All_Sports_0222_160x600_2.jpg_1651676357406_DCO_Retargeting_All_Sports_0222_160x600_2.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame 00E9 43 KB
43 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_Retargeting_All_Sports_0222_160x600_2.jpg_1651676357406_DCO_Retargeting_All_Sports_0222_160x600_2.jpg

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78c728c403f835775f748872c9b6814f38897f68a4f415419ebfaac36ed0761e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=4wdzicLBxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 13:49:22 GMT
x-content-type-options: nosniff
age: 504389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44245
x-xss-protection: 0
last-modified: Wed, 04 May 2022 14:59:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Jun 2023 13:49:22 GMT

GET
H3 200 DCO_Retargeting_All_Sports_0222_160x600_3.jpg_1651676357406_DCO_Retargeting_All_Sports_0222_160x600_3.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame 00E9 25 KB
25 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_Retargeting_All_Sports_0222_160x600_3.jpg_1651676357406_DCO_Retargeting_All_Sports_0222_160x600_3.jpg

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a789972588e2c23eff74f0fdf1dae7157d554539e7c86e5702f6f3c190547f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=4wdzicLBxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 13:49:22 GMT
x-content-type-options: nosniff
age: 504389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25338
x-xss-protection: 0
last-modified: Wed, 04 May 2022 14:59:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Jun 2023 13:49:22 GMT

GET
H3 200 sky_medium.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 00E9 27 KB
27 KB 8ms
7ms Font
font/woff 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:49:41 GMT
x-content-type-options: nosniff
age: 370
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27952
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Jun 2022 10:04:41 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 00E9 17 KB
6 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 09:55:51 GMT

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame C113 36 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 09:10:06 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E22 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDpl5J3O9YqaJEZaY-gao4bnIDwAAAAA4AeAEAg&bg=!FhWlFVHNAAaLlKKnq5Q7ACkAdvg8WjH0AgsFrklB1UemqnefQjcbSa1bNc6M3DVT2xNdt089NZy9wgIAAACKUgAAAAJoAQeZA0SQyr3H3FiSQTkCj-uJhr7iS0uFnK0W9rjadxqXPZH3a4qfYM3runA5gZeKM004Y5etLQVcjRhRv6_yzJoWCSHl-k7EVm0iUfKOC5xpqaHbr7wCz23pHotxl6v6-sIte-8ShOq09akoplYPIwbZOKvGSSNgp5xQvSC29Sr2t-5qXayxzc1FHqwYGhXHAllcNq_V4cy7m921rv7PiCtnLVWSVkJwp0eK-PKDlWdds3LGf4knqqe7B2kMN1mlkhqNkSf8OIm2rdt98ochL54fvP5U-FfcUKfrqM_v4AlQ21Skuuj0DxFr_7W-HocE0PJvPZTfDVu1kqBw4KqD2ViyHuAZ_9mQGReNv8eM5RuXosYI5a2JXtZKsOKLEKGTqySrQBermf9fX51MuLFQ291MpYrh6xOLqfTO-ULYwlYH8dqFGu2njUqhw0ViZXaqvkbIcHjJ6sgr4rTdyY6pLbyseNATcySKbM0QreJ7r9q8djYdXiyfNarHke4dJRngZqpnRFS6T2zALUVMZt54fUNaMVt0Ekf-1KaQ9Z0SxqhTHBgNxJgcFU5leIGHBFJc_K5n8bAXsr_9sijjmwuzkOxdnMs5V-fBQYXssxeRYGftEaRPfzSYhuDAgiG6R01JLrJECqNMUG1M5yDr0pcXOpmwokCioU9jYqX1j4TaieBdP8pVzmzNgGAytbhfppJetnr2gZXJAp4vpL5_-8oYgbwljcZFJB3-w4TXjlARhAR3x_NmFM1aQYwXXA94eSOw3cPWPINAjBYttMsVSJ2s_zh0DjsnqY5aQVzk858ym2N9r8LCFWdozVwaLzocuQxRKlvQMV5eHL2boa-GH4TFKoC2A3wuDZ9mnYaooAl9L13lJmwcn47HnH8bUEUD3JUXNn8nPncQ3AhTs1BzcTX3fyYuWtoN5VGfJUgJQRcHqN0zoT17ZOSp8agd3Nd41nhQviT6Qc24q5Ch4v_LPTFWmeH11DYbDOmUF72Y0pcCKVvYtrQ0fynkQLDacYsbn8ETHIi0O4JAUBWhNI3-RVuZBUhmx9_FdUap0MSUKjRRsfai_XxjhQQpIiHJ6lP4juWZahvmt6wd3_IiAAv7xhmpumh9Eef5p4p1Fg

Requested by

Host: 40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
URL: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sky_regular.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 00E9 33 KB
33 KB 8ms
7ms Font
font/woff 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 09:52:05 GMT
x-content-type-options: nosniff
age: 227
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33980
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Jun 2022 10:07:05 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D1C0 42 B
64 B 48ms
47ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcx29KVL-d_s_2wjsy5NQrD6IvsK8h2Tq2fZCPeKV9JD8VdgL0RA_Xe0MEzAw40iIUJqPSVksL46LWbbv9RQ7pgYl5nzASfLIWlnMAfYGuB4FS-Ox8FS3jJHv3p4-tTGPDVDWtkA&sai=AMfl-YQq4Z9jdLZmNtlwCQyH-rgOZX9cC_748Y-AC65kuMQKegvQdJyzS0s4Heo0HljcLDUCKaFNQYsWf_jVBKmkqpDEJpMMMPjwBQo_fgFvHK1MZFRzilIYDR8XyOU&sig=Cg0ArKJSzNndFtzga3F-EAE&cid=CAASJORomuiCa2nqZH43iv0Uan31Al_oQxwXy0LqYV6vG9gUQjjyXQ&id=lidar2&mcvt=1000&p=572,249,612,290&mtos=1000,1000,1000,1000,1034&tos=1000,0,0,0,34&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2228334386&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656582951235&rpt=129&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 09:55:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMB4qSq76mOU8RkP9WSCzq4&google_cver=1&google_push=ARnp8GCE7553ncApaHMBXaql1zvVkFOVfzpOVsxdKfYjffyu2fYK6BA6fwKXdCeKq3ht9XLidvaiTOUJs5HxP0zFA78bLppEGD1nrw

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMB4qSq76mOU8RkP9WSCzq4&google_cver=1&google_push=ARnp8GAj1_Kr5kfgR0jG5l0mN4W_9cvVbtPF6aatSeRJoe0hxAl_sbL6Qt7UtxIV1S_w-NHRVLGEuZ8rHOjV4QBheDMzr2XBs-imwcw

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIn0DgaiPePdShkgmFaH_5A&google_cver=1&google_push=ARnp8GBO6XK5gTUcE5sogbPoEtPxTk4mpYKjY8A3kEc2cyPcih9-1z2mar8eULti80HxrtjhTd2I-pwncMCzkVMeCSFyHWe2CPPc2w

Verdicts & Comments Add Verdict or Comment

268 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ad4.on.cc/	1969-12-31 23:59:59	Name: OAGEO Value: SE%7CAB%7CStockholm%7C109+21%7C59.3287%7C18.0717%7C%7C%7C%7C%7C
ad4.on.cc/	1970-01-20 12:55:18	Name: OAID Value: 9df0e3fafb5cb4bda8b2a87b4a6b3ca4
.on.cc/	1969-12-31 23:59:59	Name: __cfruid Value: c70eb99c88f2f82d63862c4a8850fca642e26b48-1656582944
orientaldaily.on.cc/	1969-12-31 23:59:59	Name: fontsize Value: 18
.orientaldaily.on.cc/	1970-01-20 21:40:54	Name: _ga Value: GA1.3.1106156460.1656582945
.orientaldaily.on.cc/	1970-01-20 04:11:09	Name: _gid Value: GA1.3.1820641680.1656582947
.orientaldaily.on.cc/	1970-01-20 04:09:43	Name: _gat Value: 1
.on.cc/	1970-01-20 12:55:18	Name: _ss_pp_id Value: aa62cd9311902212e5f1656582947164
.orientaldaily.on.cc/	1970-01-20 21:40:54	Name: __utma Value: 105825373.1673556023.1656582948.1656582948.1656582948.1
.orientaldaily.on.cc/	1970-01-20 04:09:44	Name: __utmb Value: 105825373
.orientaldaily.on.cc/	1969-12-31 23:59:59	Name: __utmc Value: 105825373
.orientaldaily.on.cc/	1970-01-20 08:32:30	Name: __utmz Value: 105825373.1656582948.1.1.utmccn=(direct)\|utmcsr=(direct)\|utmcmd=(none)
.adnxs.com/	1970-01-20 06:19:18	Name: uuid2 Value: 5466374715893532870
.casalemedia.com/	1970-01-20 12:55:18	Name: CMID Value: Yr1zJClV1LElFqjpreatSwAA
.casalemedia.com/	1970-01-20 06:19:18	Name: CMPS Value: 1165
.casalemedia.com/	1970-01-20 06:19:18	Name: CMPRO Value: 1165
.quantserve.com/	1970-01-20 06:19:18	Name: d Value: EH4BCQHAJoEA
.quantserve.com/	1970-01-20 13:39:57	Name: mc Value: 62bd7324-57adf-82bb4-029f0
.popin.cc/	1970-01-20 12:55:18	Name: uid Value: aa62cd9311902212e5f1656582947164
.in.treasuredata.com/	1970-01-20 21:40:54	Name: _td_global Value: b531e687-f165-41be-8463-39d2e17c4be1
.on.cc/	1970-01-20 13:31:18	Name: __gads Value: ID=46f1c4f1af7d2b8e:T=1656582944:S=ALNI_MZGfu62wALlHBFNFbDdELaorJL-vQ
.pubmatic.com/	1970-01-20 04:11:09	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 06:19:18	Name: KADUSERCOOKIE Value: F54743C1-EC10-49BE-893F-AC01A0DB683D
.agkn.com/	1970-01-20 12:55:18	Name: ab Value: 0001%3AeANUYyAj%2F0c5wyQAJ26wknWzDJA4zMwm
.doubleclick.net/	1970-01-20 04:09:46	Name: DSID Value: NO_DATA
.on.cc/	1970-01-20 21:40:54	Name: _td Value: 0cc885ea-5a3f-4307-a950-123721097357
.innovid.com/	1970-01-20 06:19:18	Name: uuid Value: a331d38f-4add-4519-8b5e-487e83eda5d0-20220630 05:55:50
.e.dlx.addthis.com/	1970-01-20 13:39:57	Name: na_tc Value: Y
.addthis.com/	1970-01-20 13:39:57	Name: na_id Value: 2022063009555000091522314699
.addthis.com/	1970-01-20 13:39:57	Name: na_tc Value: Y
.addthis.com/	1970-01-20 13:39:57	Name: uid Value: 62bd73268723b342
.addthis.com/	1970-01-20 13:39:57	Name: ouid Value: 62bd7326000179524bcf85af9ea1b748a4259430d29adb9b9e32
.dlx.addthis.com/	1970-01-20 04:52:54	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 04:52:54	Name: na_sr Value: 20220630
.dlx.addthis.com/	1970-01-20 04:09:43	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 04:52:54	Name: na_sc_e Value: 0
.doubleclick.net/	1970-01-20 13:31:18	Name: IDE Value: AHWqTUlouF9aE4SqVD9NiVd9kmiaiogHOYAOnmwD0SMoSuDilSCXQWZpTB9ZDzgjLpg
.adnxs.com/	1970-01-20 06:19:18	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?_go6jE!]tbW8i_iqf!oN/@E'zz<Z0QuUBre%B<TOQ^(_NpJh[r8D?YR)Qw-hg@1hTD._*PlZ[C[-kX-Fa7.d
.agkn.com/	1970-01-20 12:55:18	Name: u Value: C\|0CEAqUC-lKlAvpgAAAAABAQ13AQEAAQpAAAAAAA
.bidswitch.net/	1970-01-20 12:55:18	Name: tuuid Value: 85f55e9a-4923-4edc-9cef-676a2a7be481
.bidswitch.net/	1970-01-20 12:55:18	Name: c Value: 1656582951
.bidswitch.net/	1970-01-20 12:55:18	Name: tuuid_lu Value: 1656582951
m.exactag.com/	1970-01-20 06:19:18	Name: exactag_new_gk Value: d429a012d96c47d9a88418002246ba17%7c29.08.2022+09%3a55%3a51
m.exactag.com/	1970-01-20 08:28:54	Name: exactag_new_uk Value: 62defeda03ba4ed8b3bbd2f04f4271fd%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 1f8ef8661c804a6da68b9666
.casalemedia.com/	1970-01-20 06:19:18	Name: CMTS Value: 3251
.turn.com/	1970-01-20 08:28:54	Name: uid Value: 3066858385630106690
.bidswitch.net/	1970-01-20 04:09:43	Name: google_push Value: ARnp8GB3hNTtYBElwGU1Bqv2puRC-9wJIVLGkioa2nGnrpbK71rLPkk3AGdTC9Auc4hqSfNnh_LWHv83meyM4pANUhOkzywP4GmP5w
.de17a.com/	1970-01-20 12:48:06	Name: guid Value: 1.2580298973271145365
.everesttech.net/	1970-01-20 12:55:18	Name: everest_g_v2 Value: g_surferid~Yr1zJwAMxSR15gA2
.demdex.net/	1970-01-20 08:28:54	Name: demdex Value: 35708627690856978263560419957977964926
.skydeutschland.demdex.net/	1970-01-20 08:28:54	Name: skydeutschland Value: 35708627690856978263560419957977964926

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://orientaldaily.on.cc/js/v3/odn-preloadjs.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.google.com/adsense/search/ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=697&adScreenW=1600(Line 32) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=697&adScreenW=1600(Line 32) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://on.cc/adv/web/corp/source/unicorp_v4.js?(Line 215) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://on.cc/adv/web/corp/source/unicorp_v4.js?(Line 280) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMB4qSq76mOU8RkP9WSCzq4&google_cver=1&google_push=ARnp8GCE7553ncApaHMBXaql1zvVkFOVfzpOVsxdKfYjffyu2fYK6BA6fwKXdCeKq3ht9XLidvaiTOUJs5HxP0zFA78bLppEGD1nrw Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMB4qSq76mOU8RkP9WSCzq4&google_cver=1&google_push=ARnp8GAj1_Kr5kfgR0jG5l0mN4W_9cvVbtPF6aatSeRJoe0hxAl_sbL6Qt7UtxIV1S_w-NHRVLGEuZ8rHOjV4QBheDMzr2XBs-imwcw Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIn0DgaiPePdShkgmFaH_5A&google_cver=1&google_push=ARnp8GBO6XK5gTUcE5sogbPoEtPxTk4mpYKjY8A3kEc2cyPcih9-1z2mar8eULti80HxrtjhTd2I-pwncMCzkVMeCSFyHWe2CPPc2w Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

40bc9d9b60fd589dad328fe8eac45e40.safeframe.googlesyndication.com
a.teads.tv
ad.turn.com
ad4.on.cc
ad6.on.cc
adservice.google.com
adservice.google.de
ag.innovid.com
api.popin.cc
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
d5p.de17a.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
hk.on.cc
hk.popin.cc
home.on.cc
ib.adnxs.com
image6.pubmatic.com
in.treasuredata.com
inrecsys.popin.cc
log.popin.cc
m.exactag.com
match.adsrvr.org
netdna.bootstrapcdn.com
on.cc
orientaldaily.on.cc
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.adsafeprotected.com
pixel.everesttech.net
pixel.rubiconproject.com
r.popin.cc
r.turn.com
rtax.criteo.com
rtb.openx.net
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
skydeutschland.demdex.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
t.teads.tv
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagservices.com
x.bidswitch.net
googlecm.hit.gemius.pl
104.16.169.108
104.16.170.108
104.18.18.126
104.89.28.165
104.92.106.130
119.63.193.220
119.63.197.136
119.63.198.143
119.63.198.188
119.63.198.189
13.32.121.37
142.250.185.130
142.250.185.162
151.101.66.49
172.217.18.2
178.250.0.166
185.33.221.90
198.47.127.19
2.18.232.7
2001:678:cb4:bbbb::11
213.155.156.167
213.202.235.8
2600:9000:2156:c000:8:48e:53c0:93a1
2606:4700::6811:190e
2606:4700::6812:acf
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:801::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2006
2a00:1450:400c:c08::9d
2a05:d01c:1d8:8100:ead7:db0a:c4c5:a8bc
3.122.145.17
3.127.61.11
3.33.220.150
34.247.9.43
34.251.55.128
34.98.64.218
35.227.252.103
52.207.58.221
54.194.128.132
69.173.144.165
69.192.160.219
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
01fb24629611503ba4ea42ea9d94c1b82449d62985a6087c5e22e9e38b9b0ff6
0218a32b5c20abf439b8b39ba5b3179019d0d3ad9183ca89bd9ae662fc959f0c
0350eaf35ccdb5e81fd6410f924aa857b491fce3bb1bc48e0935ad2b26a138e9
04a10b98a122cac304f213200a1338aa7b0c7aac308f831b9bb377be6368a6f4
0520780a52a9dc8a8db00c8afe179461d1dd9f4a369bd11c299e45b64aba6dfc
07678d180e3556e1ae4e871cc3dd15fdb60e60709a79e424f3675af25a648ce8
0a6bf83e852ce505163230054c023be0afbec473d5eb7c56ba2cea67e236fd8e
0aec15f636c485f3f7cd334a15982cbe33e446aca7ac46a0271696ef26a05765
0b598afd486f173c5d6bcba3863a904f0494eaf49957fb7c4b534a731cda34d9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0ca49b7de8f5e006ba5eb976937a3f9fb96b05ebfbb11d685c0b21ead94aacaf
0df3db2678c71d2874f90967df4df4b8f054d78b58985a59ed8a1c607a4e52c7
0e91e1f5f9ab1b71b71686baf06d7a1661f89786df2019f315b2d3b8d1186f61
0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5
1043a461b2a3b48eb457124b0d7918f2de00e78f4242fbe261e778177732e9fd
10a1c3546508a4f60041203cd2de027ba35189ccac7bcc4701c98ac6595bc434
112aba6073ee49f1843f50fb5239e2d7c8a004325b50bd7f93ab093cb6b72e4b
116b0048cad8af91864a4070f8dea17e735cbc93627d5d411dbd68eda249328e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1589f2f09497ced0462a32268a796f287a5ab893ce213a8fbf39b233d2fbeb59
16260994f41ade51bc917ff94eb7182a0ad2210e801f7bf9c9f1b0dfe25735b1
176b6e30b48ace76fce19e261ac688bde72e2defab631d9c2fafea242c559714
179e2131f584aaf223928266ff48c9c85106f9412470680dd4c20084d9060898
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18576f2a2f7116a6915d3f562fea7b859337c27795401799a9e2ac6c1d8816b4
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1af29bc4964ee522fe490a84a5033cafabef63b6f71e5a9e79b3a7d84b60ef6e
1de66009eea3c9f435d5bea771a3717b0c9dc7abc9418e9357442c1afec63117
201b64a83ec3a6c9f08e157fbb0d6cbacd971b9fc971c4d4eba6fcefae241cdf
202370a6bb2899416c9ae48d85030b16576d76dd43c21af78ca42e2ecae0e8d5
2120ebbbe270d6417b8d272c6450d10ef0d94235287b3eb2e2c8a52de73cb17e
2139db140b042be2a5bafd65fa757f0eb3cf3e0f97c6a8eec957052530b03d77
21751a2ef69707d95d710a599058bd1ad09a1ee89f84512e5f2291b2b94217db
24fc413b3688193ac1179ca8e2c40ca0cedc6ca1fa7d9702bc3fa82f333f5446
25cf30228770e3ab680486fb93fbd48d79513d37a98a4a9260671252c576da14
267567adb4b6505e023e870d208a89492534119bc9e581a7181e11d942ed56ae
27efe1fbf4e46321b8e5f5db48a096fa34be7190708286f606f5bb7257f6a0da
28b04b730ec93a432ace59ed70723ac53e3883f180bf8414f22b2fff89cda6a9
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2b5514e397dfa4b681f07408e843b186c8e40f0c429e6b956154ac2c385aac34
2b9a7bda0cf41ad79dcb1adcda9b35158e0763c22ca9cc05ccb40b6ae108d65d
2dfaff152d24ca282243ae4f53ae4d50c909e568ada3be8c24ec725ce14f8423
2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73
30cf6386a0c3b987faa377e1d12974e66af9dc0f0b13377eb4c1f532980033c3
311ed131ee2d852a3c476f02be22864564ce763ba88903e947cbaaf0c5c9c060
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35019316f13954f4258a8b048c51ae4cbc126bd15b26c3707aaef60debd9cc1e
350b869264924592f82e55d98feaf44ec0dfb85fd76f798503e8c2bc6eb98517
362a819db539b43a089db6fb279b870da7d7ab79d70df11dec2b6f3fce4be612
362f0078a407ebe75f39ff73c9adf4700c16126d42c229dbaca66db96b1a0eb6
363cdcdc13363ca0a317e4ac6b82721100ec58593c1cefeafdf6d2f21f56702f
38f26b6d55e2022f64e2bcfcb4f5480c546481804fdbc99e55acc1db611fbaf0
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3c660dec6cd5e8f9e0b3c518da51439c7a47a1b28da85193926a06b005f0905b
3eef61507e5ba153c053a683aefc1e14a84044b401e846c5736572094dd2fe5c
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733
4379e471eed46dfb112bc6c7aedbce4360a76d9e33ff2857c43373b8be346443
45f029b0dec12e864c693266265b33e968158edb8ae5761c09013c8069544c2d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48deef5a4537b8c2d3bbc1c4cf8b5133ec55fade9fb3ab81bbe36bb4f7cc3f73
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5d4b4b81b4c4c46f266dde325b84e7856fc9dd0bf2e35332edb831ac7afa7c
4b7a5a4cc369fbf887fc098793578f308d0b3e1f51c6fdb5765e5b433e1dfc89
4c3dbb2a992819fe0810a2bb5f48c5789b35daca410ac35c6cdd34bfb488cf00
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50d359761c4834fd8c9361e73dd7e24af94f288c6e073443f11b78cff1f0747d
5124d27328c2f5c4b2a560fe2ad40a2ece04ed9f465f354fa35b741c124fd466
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c6c776f94b81f7e642cd6e6b9bc0f656061e113161f0cc109349482a17d631
54ddf015f68354280bc4c8b459b66d8fa3ddaddbdf5de7a76d57b26c22d89776
5577dfc0f7d981f0e52872f70475d085675200dab0f733ba23c4edb03e6124eb
5587ca41f509ea115a518336f6ac6e376379a25fda215b58c4921f84040f0f39
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5627922b3f1c49ed3d43cfb5699e1525ca7de0c6e6791aead848d3e495e268ca
57c57c3c8bf23476c0db84136a9b39fc2201cb9a982eca4cea83889ff68d23f8
57f20f65a10867616695b8f240166303c0376e91df1a7fc4d4bf6789f541fcc0
5a8c71c4cc7d5565e31fad7dc51eca8c09b8b737ba544f30372411d98a3edba6
5b1582fc9df76f0cab50cedaa2fbe5ec0a9cf52db13e4b98c36b6ee4694abb23
5b4a8698e5c880ff6090a1c0cd2558e42b26c5a1bdf6cb08b9d8f2d78077fdd8
5ce43ce6a59e5d2e5a115d0fee787ed219f53992ce7f2d9c77a6fde54357a086
5f52f5aece8d04c4685806353fb7c9646225fcdd825d1ba36d50472e771da79e
5f6a761102c6ab539f8c8886b76f6c4f92a49955a4bc5fec019a0e741638cac3
60198b5f3d89a81720a43c2af2ee3b2974a024811d1843502f083c7955a1f815
61373cb0fa602b4572dde5327f834507ac30f6254df36fe0feab0f03cd02bd11
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
61602351aa89bd66d37ff533399834164980fb950dd43879eb2a52f251e3f833
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6258cf89e1f9160011d8e08cca525e7fd687610408410ceb2b25fbbb7e9b08ca
62ac909c03d9849fe1bfd100483c096325c7b77b83d74e47f9bb3b9b71185511
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
6608bbd6ce1b8e7f4bf9006a30130f26ae6bf301cc878a08bccbf02b68e1396a
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e
688bba0d1d5d0ae55a7dedebfdd6491928c3f3523787cf4595c70ac0de1bde55
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c2166c456df16a904a9694bf26fca192b82f6f6000103bce4d84ce2d89527d6
6ce9771f22be75ec6fd91a7c31765ce43cf2949b2fa81cba48416569443eb5f8
710a1d0944895f373adf0e0c726343013e4deb39e09be8e45a276ce8a056368d
748646bc30925c61574071e2cfe947ece6be153f4d4e4b5d1d192cbe2f5e6cc4
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
7700f3825b7ce6c180c377790acc64597f5f00ab11057bc7a95b2ed704a7e61a
77d3a6b19e6eac0ab89be6d6d6754ca0fd0ee47beb8b39350ecc6b534ee95281
7803ee9d8c70a70d6e0ea86a2497bbbd69520e837695a7e0399b84872f55dca9
78c728c403f835775f748872c9b6814f38897f68a4f415419ebfaac36ed0761e
798140180b673a00fd9685b6979fc85b9108be61c481ee8ab50e8de4f2ae7b34
79bb7f32bfdac68dae7fe9cb02ee43aeb9e89027cd0c7c06b12660bf95bd6beb
79c369802018b75882ec40d4896c33c99ff78227d8ccce93357fc8167b32d386
7a7c4424e5cb5c21be591baaf6203d2cdf6a50b582dfb077b2cc42d345aa6177
7b75455f6bc681b8ccf92a51442f1ac2c91fbfe1c813837a9650e975b3456913
7ded3b5fe5012c95cf55fce4d674274ec122c901a802db7371c89d1cb5179d97
7f4fb07db356f024984914d8364135ac3b56af2a009bdcd335fc6483db4931af
7f67d90d957dd4ee4d98b2aa84d917c435702010342d449a1bdc7fe3b7e1e4c4
80b527303614f3950afc1b442881a714307f13c4fe82abafb71e68d33172d6a7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833b346d8f3502bd1458bd3b684248778aab05223366e41470c0a013f74e459d
8480151cecaa2ec2dfebd120841cc5b0655981e12e7ab80354db5669d84f9632
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
8544fa9f4620e661e6b65d5189b43f284d3a23c1e25b5b6e197ddaf6f36b8ab0
863fed36a63359c178627fb9c1c55a6dae814afcb97df4c71ac785397f9e73a5
86bb9a3fa5580e06533f514d0c74c7529b19ae54faff68715933d62e25e87d88
870afcb46786b2bb14b4513b1fcd75be5b9566019065b696eac3857328c51e1c
87ae6ab60cb6194dd9d86d5aefb57100abbdfc5ef7d2a2a069d18b5e3a8b1a5e
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b7ccc05b6503041f9cdcfa664dfc61abb503723b60aca20f950804dc2421133
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e4e4c35ff87a36336019407020403e1d73d317c7c49803e549ac705ce27e05e
9182241c0821b88dcd3047e50f7301863c71e00818b20ac639cb469a375f2482
93a39183c6ae715636ed25fd02d5a1afa92f61c780979f6f48c80b5d4c7482f7
93fea56abdc61c6717d54a30e86a8d2d07fac1402df07f4c42c93a2c78aa4fae
95ab726b785690da545e3b233dfea826e8ea269b79a858247eb6650dfe67f863
962f187c2e07072183a90cbb92b513e86821baad09eab1d87228745ca6d2f8a9
9674a6e7b407e2b658339481bcc5ded7da98f41075104c83592af4459750db87
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
975765c0fef1b080e3a7137df342f265d483f8c7927b8e10b923b92ebfa71378
981733af320237e1b71663066c5741539c54a8883268bb5e429cb49642f275cc
981a2ca896313448334b155c40c75f1bcd39918b5aefb820415fa142834ec0b1
98239200c8b0095ac21bc94b52976325a0634c733e055d16366765acb8bb755a
98b97dd8a7deaa5deb5db189d2232c24ff1ef9364a85c6e4af58652f4acb3bf3
98f79e72e80267adf8bf25528117eed154dff966cb31838d3c002362ac838bec
99dc0044cfebc1a8906fb5a71be5f41917615a0815955dede34d9406cd6fe053
9a5961396357e863a967803cce166fd3954275ccee1be16f7c75077414216918
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab6ed9795e2f7e4f657148a92d36798a27dd29ab2d4e992fbce352de9a2e42b
9cdfc421265602e0a9c952b7c9e7ee8f58cfbdfb27b0d3649b818ecbb24f8908
9d3c30ad5bbeaddf13c0962cc3586228e77b2f343d3e76e8655e4a3ee487ed52
9de0c8978e69302a3aa776ff407769b18f57ffa7d8122c2da9ef747f93cd43cc
9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b
9fa702bcdf3df8c233163b3e5503579bb9109b7f426add09771cb54bbaa0275a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0543b0572fb5233fe7c4004a49e8139cb1ee4ea2ec24485090428692dc25ef2
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12c17ab23790461e677329f9dac5efb0ce19a38fcece15f785ff7f42423cc26
a13295ffa73431bd92a7d3b657fe14eb139a711c435e50a55e919a39190ce112
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a789972588e2c23eff74f0fdf1dae7157d554539e7c86e5702f6f3c190547f9e
a89c5d02602316b77d7d50cb7b8a168c10d707994d6f2aba75788365896bf5ed
a9613f7645c91aacd5d5027d72140f3ffcb148eb265aeee3b529303e28f8bd03
aac0db71b09b09fade52f1d6e2cefdff67af34d335855a0d99c8d29fe9c5632b
ab229322552892c8734d333a6b52b479f3d9cf7c8a1fc9cf2d8bd6ba3420284b
aca369b7f67abbc64e8a9f8d2fe01bd42f12105dec97458faf311ad900e7c9be
aca6d2da6e15aaf6a2a3a84aba91a70d97d30f7188bf2526e238bda35fc5d01a
ae28ac28af4c43157ac63fb87660eeb34c97ccf6ac4a9c7340ae071a96bbfde4
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af2d583999658b96ba5bc7d5cf834ca654a8930d5937c8f4830ee9c7e6fac5ed
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
aff472c0460de9a351a5bf68578c5a1afbfb0f2c5f280d738a1b3f088950baa9
b05af9127a7c17486b8dce561b3cb34dc6245252e546e33b6772ee518b22fdbf
b076cd3e801782f9dc52ec4eb3f9c3a9c493f26277db261453ae6969f463710f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25c86a38b295242f4b357ad3c2bd7f94d52e18d409ddbbaba64b5a5064fa1ce
b2c044e8e8af87330e2c1c28479713e3107e8b9fe79b3a881bcb247902531db1
b50c0a0deb95f235d8a83870eabda247bec8c7c86231c3e47954e328ff1e711d
b85ec12235a456ead5b2370041070fb6cecad1f6db376c484b15f68e0b98b7e0
ba4a2ed5c3aaca816b771346b5324c8789fd85d57856a98d5ff07290a19f1b95
bb02904d7b781b74b7ab5506401d37c87203c5d17319eb14676fb865e97684ae
bb34cfc714990dfc7c8b1e82f6ef39a654e92384973be4d3168964f8fd76d5c4
bb6671cf0cbb1c9bc49301806f6d40330f28492a49ea5f9ab42a9c4e2975d26f
be65b1c567e1f7558833b17c954318334b0e687a81cf4b77978460c58d210561
bf8e07f3863a8dc17833864c5f07759dd35fce17a3ac3e382cfa53b0465d4014
c0219a5985044cb8f08471d92d7e8aefcfaeef10634fded92940eeebb1c90699
c246f3f250ca5d05f6ff64bce59ae77784df81c151a1c22b9eba36d9e8effd60
c356781e5dffebe24b1c1bb1939a90471a9e09397e2c5d47d385b26fa8fa99ea
c362386195dbb7a2414aacaff230ea52e537dac0ff9914cc052809f6a00228b3
c3a9008a5f8f4e7f7840247168c1c335f01652d81cd205c86a824d9e483434af
c4d14f2c2dc606d17733d321dfbe8b722073a5d64b3cc9b107c09e2a5d263e3f
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
ca3308cd7b576f05eadbba21318102b7f10def1b3cfea4a00a3840eccbf0ba69
cb15699b8ac25947f2e62253efbcd84f1b954478d0a440f57d53186797e1d1f1
ce61748ce893b3ec7b81cd022f4a9ed673ab4c118f5cff9a4c72a2160d04b496
ceeb22b10688dd47283a8240cd51ea256a741b707d76013a1ed28f477d5c73e8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00ef9f9dce166845458fc99049b500dd07238787ccc25da41ea7f9ac7fe7b5d
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d16764885f976842c9157e7ee62b3c0187b4bb2dcda7d00555c1e2ce801581f8
d1bf5e901abfea769b7f81433070c2a4ea7f261d2726c4f6c078429604f7c843
d396a425aff7d36f065e55309236b089969a477738f1540f948df56853fe2127
d4419a80e846904c17f2483704bb36ab6dca21ce900fd7fdb5be4be442064da0
d4c9e237182baafe9273e1a0dbe7f8b6814c885a11c842fc879b0939c74cdccd
d6ff05fe97e4d8dd658504bb7a3cf78734ba2ce8ced658fe0127ddb58e295042
d82509736b98cf5d93d49f053ced5702fd9ca35deb0d590aa2d3a52e176eab22
d8884831d3c0db189aad3fa550eb11d5714173cc081b1a1055dc8e91c7c063fc
d9c56677f5e4bf4db2d10b3e4251337f9c954733c8b35b24f6861cf634ae42a9
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dbbdfd3cc8ecc010a5a3c55865a859b44008d80f04627faefb09e726139d0feb
dc5e0245a9f89d144afabfb55c88f190a4153ad8c3baa67e340a2a7715a64940
dd713d7980c21296da0a550b57782bb190e1677c630acaf0d10bb1ca0c25a4b6
de9d992a98e75e15ccc5e749614e41102eab269a7051078cd7fd855bddc445f3
deebccefdbb9e3846fb52bdeb875696fa33b4fcafb00d83ac8f89631084df26b
e1800b1aae8b82ca1b555d3a270660961aa37a1a0d27f9f84497dcd773fda3d0
e26801b344d9fb191aa53ea743d2d8b5f4888cebac66ce1128f63078aa53f750
e2ba400a3542c7f986dd240f2def70cc8d021912a6376e6da574c28630a67b3b
e32b017a5bc36cfd7104924ee59da3e015206b7be6132b36f5951b0e7775c4c6
e3abbdee23923fff731b29b9af1621396fb5266a78bc8a4cdfbf70cb47993fdc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e49484c10289ade69f6793b62747c2853739f9b850609c85bd271b0eb43724bf
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
e87acdff1b424f759f4ae178a9b5f2cd613162ad9ca9107eab6a1b4d00764130
e88277fb3af2797ea1ed8f612de86557d5926a94711f895adb28a09be31defd6
e9c6816fd8ada5bd202423068d7608179f056c77e57f9d1541c61011aa616a2c
ea7e05189d5512150dd04b56e523912e88c39d276da17c0e56ba2356ba785d64
ead571f2d6207d7aebd79e1f17ece3126edc853e83573fc1f74e14eeea4beb9e
eb8eba1460c995cb48cfbbbdd9f304a41a53320d9bfa6ce9ad0fa841b81b5e76
ed3376d25fca09028fe41665e52559bb88177ac13dfbbeac9dd28716bc0df000
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eed02bbf05669a57c9fa23730f523ae85f4331eb7229d0b1eb7b047bec7cc00b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f67310a50c4720ca438927ad499f0eb5adf421b8106f950d4b4a3d4a7575ce
f3ebc2cee7a5b7b0a6babcc921f9afad143474933fc7171820c28f88270a7071
f419e7307780a5eaf54c57408a025126ac694c9ff59dc40982807ea16e4bfff2
f4431ed2e1a04ff61147b043d77314af2c6711194fa816b09187c945a24be7ec
f7549534209a328ff6b836b1e62991c2ed7d6f884e9e103bb30b67af8ffc533d
f8b4e204fa4f21d50c68e41e6e77a807c1374c45c0c9548542b0c4d84dd31528
fc48b7c9856fd04e9b657943d039fa00c9171fb2fed4e70f2fb0a0f9d8d5140d
fc5f43aeb0f7b3d6beb24841027dd070d88ae08c7529e3a50f4cd0fae5105e01
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84
fff0e21870bb047343bb423f7d2526b209c74bdd7e22faf10cfad8042a9184dd

orientaldaily.on.cc Open in urlscan Pro 104.16.169.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

388 Requests

91 %HTTPS

35 %IPv6

34 Domains

57 Subdomains

41 IPs

10 Countries

4295 kBTransfer

8971 kBSize

52 Cookies

66 Outgoing links

Redirected requests

388 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

orientaldaily.on.cc Open in urlscan Pro
104.16.169.108 Public Scan

Screenshot
Live screenshot

Full Image

388
Requests

91 %
HTTPS

35 %
IPv6

34
Domains

57
Subdomains

41
IPs

10
Countries

4295 kB
Transfer

8971 kB
Size

52
Cookies

388 HTTP transactions
3 data transactions