urlscan.io logo urlscan.io
SecurityTrails logo

times.hinet.net Open in urlscan Pro
168.95.245.4  Public Scan

Go To Rescan Add Verdict Report
URL: https://times.hinet.net/news/23869533
Submission: On April 20 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 104 IPs in 12 countries across 76 domains to perform 895 HTTP transactions. The main IP is 168.95.245.4, located in Palo Alto, United States and belongs to CHTCDN Data Communication Business Group, TW. The main domain is times.hinet.net. The Cisco Umbrella rank of the primary domain is 374541.
TLS certificate: Issued by on March 16th 2022. Valid for: a year.
This is the only time times.hinet.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 75 168.95.245.4 131660 (CHTCDN Da...)
2 37 203.75.213.47 3462 (HINET Dat...)
18 203.75.214.136 3462 (HINET Dat...)
13 2600:9000:215... 16509 (AMAZON-02)
41 142.250.185.130 15169 (GOOGLE)
22 151.101.129.29 54113 (FASTLY)
2 202.39.224.124 3462 (HINET Dat...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.32.21.123 16509 (AMAZON-02)
28 151.101.1.44 54113 (FASTLY)
4 2a03:2880:f02... 32934 (FACEBOOK)
1 9 108.157.4.121 16509 (AMAZON-02)
7 2001:4de0:ac1... 20446 (STACKPATH...)
4 119.63.193.220 38627 (BAIDUJP B...)
2 4 13.76.34.51 8075 (MICROSOFT...)
11 211.21.190.218 3462 (HINET Dat...)
18 2a00:1450:400... 15169 (GOOGLE)
1 4 2a03:2880:f11... 32934 (FACEBOOK)
44 2001:b000:590::1 131660 (CHTCDN Da...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
23 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
9 141.226.228.48 200478 (TABOOLA-AS)
31 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:231... 16509 (AMAZON-02)
1 18 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
78 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 119.63.198.189 38627 (BAIDUJP B...)
9 18.66.192.9 16509 (AMAZON-02)
3 2600:1f18:612... 14618 (AMAZON-AES)
3 52.223.40.198 16509 (AMAZON-02)
5 5 185.94.180.126 35220 (SPOTX-AMS)
8 34.96.74.134 15169 (GOOGLE)
3 34.117.234.181 15169 (GOOGLE)
5 2a00:1288:80:... 203220 (YAHOO-DEB)
2 192.229.221.28 15133 (EDGECAST)
1 2a04:4e42:400... 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
4 3.122.136.79 16509 (AMAZON-02)
61 2a00:1450:400... 15169 (GOOGLE)
2 212.82.100.181 34010 (YAHOO-IRD)
3 4 2620:116:800d... 16509 (AMAZON-02)
4 35.227.252.103 15169 (GOOGLE)
5 5 185.64.190.78 62713 (AS-PUBMATIC)
6 34 142.250.181.226 15169 (GOOGLE)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 2 2a05:d01c:1d8... 16509 (AMAZON-02)
1 34.117.124.131 15169 (GOOGLE)
1 107.178.241.176 15169 (GOOGLE)
1 20.184.62.41 8075 (MICROSOFT...)
2 2a04:4e42:600... 54113 (FASTLY)
36 2a00:1450:400... 15169 (GOOGLE)
9 18.66.248.51 16509 (AMAZON-02)
1 119.63.198.188 38627 (BAIDUJP B...)
4 210.242.135.3 3462 (HINET Dat...)
1 4 104.102.29.65 20940 (AKAMAI-ASN1)
2 3 37.252.172.249 29990 (ASN-APPNEX)
1 2 52.213.110.128 16509 (AMAZON-02)
3 2600:9000:214... 16509 (AMAZON-02)
4 142.250.186.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 3.120.51.47 16509 (AMAZON-02)
2 4 35.244.174.68 15169 (GOOGLE)
2 2 104.92.72.137 16625 (AKAMAI-AS)
4 35.163.43.225 16509 (AMAZON-02)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 1 18.202.199.206 16509 (AMAZON-02)
5 20 34.96.119.68 15169 (GOOGLE)
5 11 139.162.58.205 63949 (LINODE-AP...)
2 202.39.67.8 3462 (HINET Dat...)
38 65.9.7.105 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
2 18.156.195.47 16509 (AMAZON-02)
3 185.29.134.249 30419 (MEDIAMATH...)
2 34.98.64.218 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
3 142.250.186.98 15169 (GOOGLE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 34.96.105.8 15169 (GOOGLE)
2 2 37.157.4.23 198622 (ADFORM)
2 2 72.251.249.9 29791 (VOXEL-DOT...)
2 2 213.19.147.44 3356 (LEVEL3)
2 2 13.248.245.213 16509 (AMAZON-02)
1 185.86.137.108 201081 (SMARTADSE...)
1 37.252.172.38 29990 (ASN-APPNEX)
1 78.46.23.46 24940 (HETZNER-AS)
1 2.18.233.201 16625 (AKAMAI-AS)
1 4 138.201.63.164 24940 (HETZNER-AS)
1 162.210.196.208 30633 (LEASEWEB-...)
1 2 142.250.186.102 15169 (GOOGLE)
1 185.94.180.123 35220 (SPOTX-AMS)
1 51.75.147.170 16276 (OVH)
5 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.66 15169 (GOOGLE)
2 52.29.21.97 16509 (AMAZON-02)
1 2600:1901:0:7... 15169 (GOOGLE)
14 2606:4700:20:... 13335 (CLOUDFLAR...)
1 34.98.67.61 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 4 84.200.5.215 44066 (DE-FIRSTC...)
2 78.46.85.162 24940 (HETZNER-AS)
2 46.236.13.147 12703 (PULSANT-AS)
1 143.204.98.5 16509 (AMAZON-02)
2 54.76.212.160 ()
1 2600:9000:231... ()
1 108.157.4.35 ()
1 2600:9000:231... ()
895 104
75    168.95.245.4 (Palo Alto, United States)

ASN131660 (CHTCDN Data Communication Business Group, TW)
PTR: 168-95-245-4.hinet-ip.hinet.net
times.hinet.net
37    203.75.213.47 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
ssp.hinet.net
18    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
645f1f83-8da9-451c-b42f-b9f76357727e.t.ssp.hinet.net
13    2600:9000:2156:b000:3:cecd:5f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
player.svc.litv.tv
41    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
22    151.101.129.29 (United States)

ASN54113 (FASTLY, US)
trip.hinet.net
2    202.39.224.124 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: vatrack.hinet.net
vatrack.hinet.net
3    2606:4700:10::ac43:1755 (United States)

ASN13335 (CLOUDFLARENET, US)
tenmax-static.cacafly.net
1    13.32.21.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-123.fra56.r.cloudfront.net
static.adsinstant.com
28    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
15.taboola.com
vidstat.taboola.com
imprammp.taboola.com
4    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
9    108.157.4.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-121.dus51.r.cloudfront.net
sb.scorecardresearch.com
7    2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
4    119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
api.popin.cc
4    13.76.34.51 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dmp.tenmax.io
11    211.21.190.218 (Hsinchu County, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 211-21-190-218.hinet-ip.hinet.net
ssp.tenmax.io
18    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
44    2001:b000:590::1 (Taiwan)

ASN131660 (CHTCDN Data Communication Business Group, TW)
www.hinet.net
4    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
23    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
9    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
1225ef7adcb5a5606b8e633d2d8d5efc.safeframe.googlesyndication.com
42fbc773b1deded427a8b895ce413d22.safeframe.googlesyndication.com
14caa0eb8c9720740e17322578407696.safeframe.googlesyndication.com
8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
05f1498154dc10d3a52a98ef22f6b0c5.safeframe.googlesyndication.com
ed759e07329150df5cf259c3fece2575.safeframe.googlesyndication.com
12    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
9    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
am-trc-events.taboola.com
31    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
2    2600:9000:2315:8400:9:f0ff:5340:93a1 (United States)

ASN16509 (AMAZON-02, US)
jsmodule.svc.litv.tv
18    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
78    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
11    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
tw.popin.cc
9    18.66.192.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-9.muc50.r.cloudfront.net
fino.svc.litv.tv
3    2600:1f18:612b:4200:5e70:34f8:9284:341c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
3    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
5    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
8    34.96.74.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.74.96.34.bc.googleusercontent.com
pusti.svc.litv.tv
3    34.117.234.181 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 181.234.117.34.bc.googleusercontent.com
adsv.svc.litv.tv
5    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
cdn.js7k.com
2    192.229.221.28 (United States)

ASN15133 (EDGECAST, US)
redir.adap.tv
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
4    3.122.136.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-136-79.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
61    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
4    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
4    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
34    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    2a05:d01c:1d8:8102:a946:f0fe:2301:5b7a (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
1    34.117.124.131 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 131.124.117.34.bc.googleusercontent.com
api.svc.taiwanmedia.org
1    107.178.241.176 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 176.241.178.107.bc.googleusercontent.com
onead.onevision.com.tw
1    20.184.62.41 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e2elog.fetnet.net
2    2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)
vjs.zencdn.net
36    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
9    18.66.248.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-51.dus51.r.cloudfront.net
cdnstatic.svc.litv.tv
1    119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
r.popin.cc
4    210.242.135.3 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
p-api02.svc.litv.tv
4    104.102.29.65 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    52.213.110.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-110-128.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
3    2600:9000:214f:9e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    3.120.51.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-51-47.eu-central-1.compute.amazonaws.com
d.agkn.com
4    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    104.92.72.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-72-137.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
4    35.163.43.225 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-43-225.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
3    2a02:26f0:3500:4::b818:4dc1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
lispeedtest.akamaized.net
1    18.202.199.206 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-199-206.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
20    34.96.119.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.119.96.34.bc.googleusercontent.com
apn.c.appier.net
adx.c.appier.net
pmp-beacon.apx.appier.net
ad2.apx.appier.net
11    139.162.58.205 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1471-205.members.linode.com
gocm.c.appier.net
2    202.39.67.8 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 202-39-67-8.hinet-ip.hinet.net
ssp-hinetwork.cdn.hinet.net
38    65.9.7.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-105.fra56.r.cloudfront.net
p-yonder.svc.litv.tv
1    2600:9000:206f:f800:1e:6a6f:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cnt.trvdp.com
2    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
web.ssp.yahoo.com
3    185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
3    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
pubads.g.doubleclick.net
1    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    213.19.147.44 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    185.86.137.108 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    78.46.23.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de
hal9000.redintelligence.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
4    138.201.63.164 (Reilingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de
hal90006.redintelligence.net
1    162.210.196.208 (Bethesda, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
2    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
5994599.fls.doubleclick.net
1    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    51.75.147.170 (France)

ASN16276 (OVH, FR)
PTR: ns3133977.ip-51-75-147.eu
cdn.contentspread.net
5    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
ade.googlesyndication.com
2    52.29.21.97 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-21-97.eu-central-1.compute.amazonaws.com
prod-m-node-3113.ssp.yahoo.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
14    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
1    2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
4    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
2    78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de
partner.o2online.de
partner.blau.de
2    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
1    143.204.98.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-5.fra50.r.cloudfront.net
analytics.webgains.io
2    54.76.212.160 (None, )

ASN- ()
api.webgains.io
1    2600:9000:2315:7c00:3:7e1c:5b40:93a1 (None, )

ASN- ()
go.trvdp.com
1    108.157.4.35 (None, )

ASN- ()
stg.truvidplayer.com
1    2600:9000:2315:e800:d:3c0f:bcc0:93a1 (None, )

ASN- ()
s.trvdp.com
Apex Domain
Subdomains		 Transfer
200 hinet.net
times.hinet.net — Cisco Umbrella Rank: 374541
ssp.hinet.net — Cisco Umbrella Rank: 84010
t.ssp.hinet.net — Cisco Umbrella Rank: 85264
trip.hinet.net
vatrack.hinet.net
645f1f83-8da9-451c-b42f-b9f76357727e.t.ssp.hinet.net
www.hinet.net — Cisco Umbrella Rank: 298135 Failed
ssp-hinetwork.cdn.hinet.net
2 MB
149 googlesyndication.com
24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
1225ef7adcb5a5606b8e633d2d8d5efc.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
tpc.googlesyndication.com — Cisco Umbrella Rank: 128
42fbc773b1deded427a8b895ce413d22.safeframe.googlesyndication.com
14caa0eb8c9720740e17322578407696.safeframe.googlesyndication.com
8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
05f1498154dc10d3a52a98ef22f6b0c5.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 271
ed759e07329150df5cf259c3fece2575.safeframe.googlesyndication.com
1 MB
103 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293
pubads.g.doubleclick.net — Cisco Umbrella Rank: 487
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 67700
1 MB
86 litv.tv
player.svc.litv.tv — Cisco Umbrella Rank: 252244
jsmodule.svc.litv.tv — Cisco Umbrella Rank: 418663
fino.svc.litv.tv — Cisco Umbrella Rank: 440279
pusti.svc.litv.tv — Cisco Umbrella Rank: 391985
adsv.svc.litv.tv — Cisco Umbrella Rank: 477356
cdnstatic.svc.litv.tv — Cisco Umbrella Rank: 699943
p-api02.svc.litv.tv
p-yonder.svc.litv.tv — Cisco Umbrella Rank: 417696
2 MB
41 google.com
adservice.google.com — Cisco Umbrella Rank: 77
www.google.com — Cisco Umbrella Rank: 4
9 KB
39 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1059
trc.taboola.com — Cisco Umbrella Rank: 656
images.taboola.com — Cisco Umbrella Rank: 1593
trc-events.taboola.com — Cisco Umbrella Rank: 1698
15.taboola.com — Cisco Umbrella Rank: 1961
vidstat.taboola.com — Cisco Umbrella Rank: 1976
imprammp.taboola.com — Cisco Umbrella Rank: 11958
am-match.taboola.com — Cisco Umbrella Rank: 12336
am-vid-events.taboola.com — Cisco Umbrella Rank: 11698
sync-t1.taboola.com — Cisco Umbrella Rank: 1247
pips.taboola.com — Cisco Umbrella Rank: 1596
cds.taboola.com — Cisco Umbrella Rank: 1493
am-trc-events.taboola.com — Cisco Umbrella Rank: 16542
415 KB
36 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
1 MB
31 appier.net
apn.c.appier.net — Cisco Umbrella Rank: 92885
gocm.c.appier.net — Cisco Umbrella Rank: 2326
adx.c.appier.net — Cisco Umbrella Rank: 106054
pmp-beacon.apx.appier.net — Cisco Umbrella Rank: 207356
ad2.apx.appier.net — Cisco Umbrella Rank: 35402
12 KB
18 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
118 KB
15 tenmax.io
dmp.tenmax.io — Cisco Umbrella Rank: 106206
ssp.tenmax.io — Cisco Umbrella Rank: 122650
18 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 2723
ad4m.at — Cisco Umbrella Rank: 2329
assets.ad4m.at — Cisco Umbrella Rank: 36633
275 KB
14 google.de
adservice.google.de — Cisco Umbrella Rank: 7579
www.google.de — Cisco Umbrella Rank: 5383
3 KB
12 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
434 KB
11 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
468 KB
9 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 780
static.adsafeprotected.com — Cisco Umbrella Rank: 565
dt.adsafeprotected.com — Cisco Umbrella Rank: 517
96 KB
9 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 137
6 KB
7 jquery.com
code.jquery.com — Cisco Umbrella Rank: 647
225 KB
6 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1537
us-u.openx.net — Cisco Umbrella Rank: 411
908 B
6 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 823
web.ssp.yahoo.com — Cisco Umbrella Rank: 2382
prod-m-node-3113.ssp.yahoo.com — Cisco Umbrella Rank: 16254
8 KB
6 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 531
search.spotxchange.com — Cisco Umbrella Rank: 426
5 KB
6 popin.cc
api.popin.cc — Cisco Umbrella Rank: 22742
tw.popin.cc — Cisco Umbrella Rank: 75995
r.popin.cc — Cisco Umbrella Rank: 25930
106 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 343
112 KB
5 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 31596
hal90006.redintelligence.net — Cisco Umbrella Rank: 268833
10 KB
5 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 622
2 KB
4 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 2919
pixel.mathtag.com — Cisco Umbrella Rank: 1233
3 KB
4 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 601
1 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 248
secure.adnxs.com — Cisco Umbrella Rank: 438
4 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575
3 KB
4 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 350
token.rubiconproject.com — Cisco Umbrella Rank: 675
2 KB
4 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1127
1 KB
4 advertising.com
ads.adaptv.advertising.com — Cisco Umbrella Rank: 3768
1 KB
4 yimg.com
s.yimg.com — Cisco Umbrella Rank: 420
13 KB
4 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 794
920 B
4 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 417
662 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
3 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 138
197 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 19570
api.webgains.io
52 KB
3 trvdp.com
cnt.trvdp.com — Cisco Umbrella Rank: 61638
go.trvdp.com
s.trvdp.com
221 KB
3 akamaized.net
lispeedtest.akamaized.net
254 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 355
793 B
3 tremorhub.com
taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3426
547 B
3 cacafly.net
tenmax-static.cacafly.net — Cisco Umbrella Rank: 102527
112 KB
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 41028
87 KB
2 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 63407
779 B
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 65798
580 B
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 98327
static-de.ad4mat.net — Cisco Umbrella Rank: 147569
4 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 400
954 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 542
1 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 607
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 577
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1031
344 B
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1696
1 KB
2 agkn.com
d.agkn.com — Cisco Umbrella Rank: 550
1 KB
2 zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 4986
14 KB
2 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1591
685 B
2 adap.tv
redir.adap.tv — Cisco Umbrella Rank: 371628
63 KB
1 truvidplayer.com
stg.truvidplayer.com
4 KB
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 92681
1 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 75750
2 KB
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 962
356 B
1 js7k.com
cdn.js7k.com — Cisco Umbrella Rank: 843
16 KB
1 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 51671
64 KB
1 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 31603
688 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1254
75 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 3276
173 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2951
104 B
1 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 3287
376 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 238
34 KB
1 gstatic.com
www.gstatic.com
13 KB
1 fetnet.net
e2elog.fetnet.net — Cisco Umbrella Rank: 411431
543 B
1 onevision.com.tw
onead.onevision.com.tw — Cisco Umbrella Rank: 136251
1 taiwanmedia.org
api.svc.taiwanmedia.org — Cisco Umbrella Rank: 454014
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 436
7 KB
1 adsinstant.com
static.adsinstant.com — Cisco Umbrella Rank: 594976
4 KB
0 ad-score.com Failed
data.ad-score.com Failed
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
895 76
Domain Requested by
78 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
times.hinet.net
googleads.g.doubleclick.net
srcdoc
tpc.googlesyndication.com
24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
prod-m-node-3113.ssp.yahoo.com
www.googletagservices.com
75 times.hinet.net 1 redirects times.hinet.net
61 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
times.hinet.net
8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
cdn.ampproject.org
44 www.hinet.net times.hinet.net
www.hinet.net
38 p-yonder.svc.litv.tv player.svc.litv.tv
37 securepubads.g.doubleclick.net times.hinet.net
ssp.hinet.net
securepubads.g.doubleclick.net
www.googletagservices.com
37 ssp.hinet.net 2 redirects times.hinet.net
ssp.hinet.net
www.hinet.net
code.jquery.com
36 s0.2mdn.net imasdk.googleapis.com
times.hinet.net
s0.2mdn.net
34 cm.g.doubleclick.net 6 redirects times.hinet.net
googleads.g.doubleclick.net
24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
23 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
imasdk.googleapis.com
5994599.fls.doubleclick.net
22 trip.hinet.net times.hinet.net
trip.hinet.net
19 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
times.hinet.net
8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
18 www.google.com 1 redirects times.hinet.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
18 www.google-analytics.com times.hinet.net
www.google-analytics.com
www.googletagmanager.com
player.svc.litv.tv
13 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
13 player.svc.litv.tv times.hinet.net
player.svc.litv.tv
www.hinet.net
13 t.ssp.hinet.net times.hinet.net
t.ssp.hinet.net
player.svc.litv.tv
www.hinet.net
12 www.googletagservices.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
12 images.taboola.com times.hinet.net
11 gocm.c.appier.net 5 redirects times.hinet.net
apn.c.appier.net
ad2.apx.appier.net
11 www.googletagmanager.com player.svc.litv.tv
www.googletagmanager.com
www.hinet.net
11 ssp.tenmax.io tenmax-static.cacafly.net
times.hinet.net
imasdk.googleapis.com
9 cdnstatic.svc.litv.tv player.svc.litv.tv
9 fino.svc.litv.tv player.svc.litv.tv
fino.svc.litv.tv
9 sb.scorecardresearch.com 1 redirects cdn.taboola.com
times.hinet.net
player.svc.litv.tv
9 cdn.taboola.com times.hinet.net
cdn.taboola.com
8 pusti.svc.litv.tv player.svc.litv.tv
7 code.jquery.com ssp.hinet.net
6 assets.ad4m.at as.ad4m.at
6 ad2.apx.appier.net 3 redirects times.hinet.net
ssp.hinet.net
6 pmp-beacon.apx.appier.net apn.c.appier.net
ad2.apx.appier.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 adx.c.appier.net times.hinet.net
apn.c.appier.net
5 image6.pubmatic.com 5 redirects
5 sync.search.spotxchange.com 5 redirects
5 645f1f83-8da9-451c-b42f-b9f76357727e.t.ssp.hinet.net times.hinet.net
www.hinet.net
player.svc.litv.tv
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
4 hal90006.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal90006.redintelligence.net
4 dt.adsafeprotected.com 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
4 id.rlcdn.com 2 redirects googleads.g.doubleclick.net
4 googleads4.g.doubleclick.net times.hinet.net
4 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
4 p-api02.svc.litv.tv player.svc.litv.tv
4 rtb.openx.net googleads.g.doubleclick.net
24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
4 cms.quantserve.com 3 redirects googleads.g.doubleclick.net
4 ads.adaptv.advertising.com redir.adap.tv
imasdk.googleapis.com
4 s.yimg.com times.hinet.net
s.yimg.com
4 partner.googleadservices.com pagead2.googlesyndication.com
4 stats.g.doubleclick.net www.google-analytics.com
4 imasdk.googleapis.com player.svc.litv.tv
imasdk.googleapis.com
4 www.facebook.com 1 redirects connect.facebook.net
fino.svc.litv.tv
times.hinet.net
4 dmp.tenmax.io 2 redirects times.hinet.net
4 api.popin.cc times.hinet.net
api.popin.cc
4 trc.taboola.com cdn.taboola.com
4 connect.facebook.net times.hinet.net
connect.facebook.net
fino.svc.litv.tv
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 tags.mathtag.com googleads.g.doubleclick.net
tags.mathtag.com
3 apn.c.appier.net 2 redirects ssp.hinet.net
3 lispeedtest.akamaized.net jsmodule.svc.litv.tv
3 static.adsafeprotected.com fw.adsafeprotected.com
24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 pixel.rubiconproject.com 3 redirects
3 adsv.svc.litv.tv fino.svc.litv.tv
3 sync-t1.taboola.com imprammp.taboola.com
am-match.taboola.com
3 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
3 taboola-supply-partners.tremorhub.com imprammp.taboola.com
am-match.taboola.com
3 tenmax-static.cacafly.net times.hinet.net
2 api.webgains.io analytics.webgains.io
2 track.webgains.com as.ad4m.at
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 prod-m-node-3113.ssp.yahoo.com web.ssp.yahoo.com
prod-m-node-3113.ssp.yahoo.com
2 5994599.fls.doubleclick.net 1 redirects times.hinet.net
2 eb2.3lift.com 2 redirects
2 sync.1rx.io 2 redirects
2 ap.lijit.com 2 redirects
2 c1.adform.net 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 web.ssp.yahoo.com imasdk.googleapis.com
securepubads.g.doubleclick.net
2 ssp-hinetwork.cdn.hinet.net times.hinet.net
2 e.dlx.addthis.com 2 redirects
2 d.agkn.com 2 redirects
2 am-trc-events.taboola.com cdn.taboola.com
2 fw.adsafeprotected.com 1 redirects times.hinet.net
2 vjs.zencdn.net jsmodule.svc.litv.tv
2 ag.innovid.com 1 redirects googleads.g.doubleclick.net
2 sp.analytics.yahoo.com player.svc.litv.tv
2 redir.adap.tv www.googletagmanager.com
2 am-match.taboola.com vidstat.taboola.com
2 jsmodule.svc.litv.tv player.svc.litv.tv
2 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 vatrack.hinet.net times.hinet.net
1 s.trvdp.com go.trvdp.com
1 stg.truvidplayer.com go.trvdp.com
1 go.trvdp.com cnt.trvdp.com
1 analytics.webgains.io track.webgains.com
1 partner.blau.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 static-de.ad4mat.net as.ad4m.at
1 token.rubiconproject.com 1 redirects
1 odr.mookie1.com googleads.g.doubleclick.net
1 prod-rtb.ad4mat.net googleads.g.doubleclick.net
1 cdn.js7k.com prod-m-node-3113.ssp.yahoo.com
1 ed759e07329150df5cf259c3fece2575.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ade.googlesyndication.com
1 cdn.contentspread.net hal90006.redintelligence.net
1 search.spotxchange.com imasdk.googleapis.com
1 ads.aralego.com imasdk.googleapis.com
1 05f1498154dc10d3a52a98ef22f6b0c5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel.mathtag.com tags.mathtag.com
1 hal9000.redintelligence.net times.hinet.net
1 secure.adnxs.com imasdk.googleapis.com
1 ssbsync.smartadserver.com 8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
1 tr.blismedia.com 8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
1 dclk-match.dotomi.com 8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
1 cnt.trvdp.com securepubads.g.doubleclick.net
1 14caa0eb8c9720740e17322578407696.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 42fbc773b1deded427a8b895ce413d22.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel.everesttech.net 1 redirects
1 cdnjs.cloudflare.com s0.2mdn.net
1 www.gstatic.com googleads.g.doubleclick.net
1 r.popin.cc times.hinet.net
1 e2elog.fetnet.net player.svc.litv.tv
1 onead.onevision.com.tw player.svc.litv.tv
1 api.svc.taiwanmedia.org player.svc.litv.tv
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 tw.popin.cc api.popin.cc
1 cdn.jsdelivr.net www.hinet.net
1 am-vid-events.taboola.com times.hinet.net
1 imprammp.taboola.com vidstat.taboola.com
1 vidstat.taboola.com cdn.taboola.com
1 www.google.de times.hinet.net
1 15.taboola.com cdn.taboola.com
1 1225ef7adcb5a5606b8e633d2d8d5efc.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 trc-events.taboola.com times.hinet.net
1 static.adsinstant.com times.hinet.net
0 data.ad-score.com Failed s.trvdp.com
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
895 142
Subject Issuer Validity Valid
*.times.hinet.net
 2022-03-16 -
2023-03-16		 a year crt.sh
*.ssp.hinet.net
 2021-10-12 -
2022-10-12		 a year crt.sh
litv.tv
Amazon		 2021-07-31 -
2022-08-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
trip.hinet.net
R3		 2022-04-16 -
2022-07-15		 3 months crt.sh
vatrack.hinet.net
 2022-02-10 -
2023-02-10		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-09 -
2022-07-08		 a year crt.sh
static.adsinstant.com
Amazon		 2021-10-22 -
2022-11-19		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-27 -
2022-04-27		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.t.ssp.hinet.net
 2022-04-14 -
2023-04-14		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.popin.cc
DigiCert Secure Site Pro CN CA G3		 2021-10-22 -
2022-10-22		 a year crt.sh
*.tenmax.io
Gandi Standard SSL CA 2		 2022-01-10 -
2023-02-10		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.hinet.net
 2020-08-06 -
2022-08-06		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
pusti.svc.litv.tv
GTS CA 1D4		 2022-02-20 -
2022-05-21		 3 months crt.sh
adsv.svc.litv.tv
GTS CA 1D4		 2022-02-21 -
2022-05-22		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-14 -
2022-05-04		 2 months crt.sh
cdn.adap.tv
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-02		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-15 -
2022-09-07		 6 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-15 -
2022-09-07		 6 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-15 -
2023-04-15		 a year crt.sh
d-api.svc.taiwanmedia.org
GTS CA 1D4		 2022-03-20 -
2022-06-18		 3 months crt.sh
onead.onevision.com.tw
R3		 2022-02-20 -
2022-05-21		 3 months crt.sh
e2elog.fetnet.net
Go Daddy Secure Certificate Authority - G2		 2021-08-17 -
2022-09-17		 a year crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-11-26 -
2022-12-28		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.svc.litv.tv
Sectigo RSA Domain Validation Secure Server CA		 2021-12-09 -
2023-01-08		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
dt.adsafeprotected.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.trvdp.com
Amazon		 2021-09-24 -
2022-10-23		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.c.appier.net
R3		 2022-04-07 -
2022-07-06		 3 months crt.sh
*.apx.appier.net
R3		 2022-03-07 -
2022-06-05		 3 months crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2022-04-22		 2 years crt.sh
teads.tv
R3		 2022-03-23 -
2022-06-21		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-02-20 -
2022-05-21		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
redintelligence.net
R3		 2022-03-29 -
2022-06-27		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
contentspread.net
R3		 2022-03-31 -
2022-06-29		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-02-02 -
2022-05-04		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-04-19 -
2022-07-18		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.webgains.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.truvidplayer.com
Amazon		 2022-02-07 -
2023-03-07		 a year crt.sh

This page contains 101 frames:

Primary Page: https://times.hinet.net/news/23869533
Frame ID: 2A2F26D8A69BCA9205414978A283C737
Requests: 185 HTTP requests in this frame

Frame: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
Frame ID: 2197056386DCC5734F571278093B682F
Requests: 29 HTTP requests in this frame

Frame: https://code.jquery.com/jquery-1.9.1.min.js
Frame ID: 44C2BB79D3DCDAC759AE59BBE2F45EDB
Requests: 10 HTTP requests in this frame

Frame: https://www.hinet.net/tv/mobile_iframe.html
Frame ID: B573BD33CD625F6F001E60BDA65CBAD6
Requests: 1 HTTP requests in this frame

Frame: https://times.hinet.net/hinetlife2/index.html
Frame ID: 5B0BAEC5DDEE1DC3B831C1EFE8DF5DA8
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D169777559824026%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1082f00ca935f8%2526domain%253Dtimes.hinet.net%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftimes.hinet.net%25252Ff2f5818eb53b738%2526relation%253Dparent.parent%26container_width%3D300%26height%3D500%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FHiNetnews%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26width%3D300
Frame ID: 590C48A560A0AAC1344DE47A3373A5AF
Requests: 1 HTTP requests in this frame

Frame: https://www.hinet.net/tv/mobile_iframe.html
Frame ID: 0DBE229FC5F037FCB724FDF2818DA695
Requests: 54 HTTP requests in this frame

Frame: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D8445BB29D25A4297004AE96AB8994F0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHtIflqmCry2uBacOV3OXo0ddX1WKO1CpwBZTsxuXxn6G9RAW2QDwEC6_uTWbrAQO3V66-addrg3LbFmbzez-yRylxgkLcuPXzPacPGxs07xS_ztIY9QQkYRJ51lwZs2CGcec_ueAQNB8iFahpcJk4v-g0v4AiZL0FPqDbFPCPqS9oVDRG6ffJ3HhMxrGPZkojsK6k8qHR13Udi3cg_S1bWgHZb4h1RKEb5szgYmwcwBnm2UY_MCiQ_WEiTiz2AZfjJeNAtA81fQQTb-BX-vmt6ByeYxLjP4-HvEqfZ3VjCnyvhy4rWRn3wQ&sai=AMfl-YSM5vyo_mYklROrdmD4jYBLRHOQAPDfLpvzu7tCorZ1ZOrh44a1EpIA3lq3Qa4fXT2BRvbDjwXUwEYGiMhPGPhOWrMBf8H3Lif_NkYmRRm2jPNTskblrdfs4HZEV_k&sig=Cg0ArKJSzA-jMQGwIiACEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8C4039734E1CBDCC19A4E0E6DE92BA2E
Requests: 3 HTTP requests in this frame

Frame: https://1225ef7adcb5a5606b8e633d2d8d5efc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 892CB7B7CC923AAFA51621305A7BEA5A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnWCVEssQ2e5iW3YlGcKjwIGWT2-F5pOPyNlTvzOWRK9Zn_JeXFNg0PdgGWODZfAYqvzuwPPevDkyc0jPEYs8GmmYxOtQa6xH2vEY4AtU6HzvCQY1qt7aWBMlRN0lBwggZEbG4uplSV3wAGB4mKLcFtoSvebj-468ejSzXr1KM9G1ehgInPvtwF1QeS9HJ0gDpN2OvPTKmPQ4FkBfw9NO6T3Sa2vilnQ37ic8LgwjSIcscqoVkMeNO4aE-9E7Ja_zMUyvVYGjdFUr2V_XwAgjHQrDF53in49Nr2zghkPcHChKS8j2NTzqYo8CuoWA8ICIk78_HgT8V1kjmvEqP&sig=Cg0ArKJSzN-VelTMVCslEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4C762DAA576EB862F64895CE525DBAEF
Requests: 13 HTTP requests in this frame

Frame: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=
Frame ID: 10DB7738421A3D05149586AB5E571002
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html
Frame ID: 92DEC373ECFC8BC365B0C6AAA9DBC423
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66533115&crid=6438155&dast=V7DRoCFgNtpPJ1wQcE2gRtpPJ1wQcE2gUAAAAGBvQHGsWZsWa85WoxmwxWw9FusZiNhrvlaDYawkZxZqwZb7lazCaD1XC0GywGu9FqN5nMhlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73lCCptPhc93rRU-3y3MXOu0u013uMv3lLt_nL9kMZ8vVZjMHAAAAgAcAsZ4FiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIXccA0AKA6DdtpNLrs_AAAeHkAAAAQwSAAO1J9KAFxexk8AAAAAAAAAAFj-____YwbubfZlBvw5vnoAHnwAHogKEIsYAQAAAARvOCgcTeqEyqIKAIAg3QrgCgAgAJAI11w5DAAAQEBMqX4juwQAS3ZsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCUX1xKUFPczMqP0CAgCs_QICALCpGwDAmwBcyJWg6XT4XPd60dPt8tyFTrvLdJe7TH-5y_f5SzbD2XK12YwuAFYXELMDAAAAuPv____HU6rfyC4BwJLVA6nlaLAabSwT53I5Wm42s5FnshsuTBvbymPxeCzbw7FNoElOt9brCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIkwvfwjXzbNaSjWW1Fo0mi7XENpitZQ6Lx7RwrByO3WIten1Mz9VwZtgMtygYMLIXwUU60TzMLs_N8rebni7LW-i0u0wXsURzskgnssu-tRwNVqONZeJcLkfLzWY28kx2w4VpY1t5LB6PZd9c-BaumWezlmwsq7VoNFmsJbbBbC1zWDymhWPlcOwWa9HrY3quhjPDZrhvzFaD0WQwGgz3jdlqMJoMRoPlvkNn-K4-Z6N6u9Z6bE6_NNu12BwGhctg8f4kpsW0OzuYTr6jU-eQLos6o-_6PXoNCs_BY5ooU2KdtS8TFpNXheNgUMQSwekinYhextNFLJE8LdKJamJbrBYWl81i2Zhcpt1qNPFsZjbPwmSyrRa73UQsUZou0ole7vJ9_pLNcLZcbTYT9R8ZYrmZS3ZzxWiuGKwSAAAAAAAAAMAS5sybAAAAAJwGtRjuNqvlAlTsOekCgwAAAAAAAOyqSIVbmEO53hQ3fjwxD7PLc7P87aany_IWOu0u05UBJszWmDd7Joi1Wi1rAAAAAWwAAIAAbt28BZxXcg!&cmcv=&pix=undefined&cb=1650420410509&uv=3165&tms=1650420410509&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!Noapp22_vB!pblc_vE!spa2_vA!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=E3F5F795162058471164879464&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: A770F37D2EE7358FF660F75CBACE8A0E
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7DRoCFgNtpPJ1wQcE2gRtpPJ1wQcE2gUAAAAGBvQHGsWZsWa85WoxmwxWw9FusZiNhrvlaDYawkZxZqwZb7lazCaD1XC0GywGu9FqN5nMhlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73lCCptPhc93rRU-3y3MXOu0u013uMv3lLt_nL9kMZ8vVZjMHAAAAgAcAsZ4FiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIXccA0AKA6DdtpNLrs_AAAeHkAAAAQwSAAO1J9KAFxexk8AAAAAAAAAAFj-____YwbubfZlBvw5vnoAHnwAHogKEIsYAQAAAARvOCgcTeqEyqIKAIAg3QrgCgAgAJAI11w5DAAAQEBMqX4juwQAS3ZsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCUX1xKUFPczMqP0CAgCs_QICALCpGwDAmwBcyJWg6XT4XPd60dPt8tyFTrvLdJe7TH-5y_f5SzbD2XK12YwuAFYXELMDAAAAuPv____HU6rfyC4BwJLVA6nlaLAabSwT53I5Wm42s5FnshsuTBvbymPxeCzbw7FNoElOt9brCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIkwvfwjXzbNaSjWW1Fo0mi7XENpitZQ6Lx7RwrByO3WIten1Mz9VwZtgMtygYMLIXwUU60TzMLs_N8rebni7LW-i0u0wXsURzskgnssu-tRwNVqONZeJcLkfLzWY28kx2w4VpY1t5LB6PZd9c-BaumWezlmwsq7VoNFmsJbbBbC1zWDymhWPlcOwWa9HrY3quhjPDZrhvzFaD0WQwGgz3jdlqMJoMRoPlvkNn-K4-Z6N6u9Z6bE6_NNu12BwGhctg8f4kpsW0OzuYTr6jU-eQLos6o-_6PXoNCs_BY5ooU2KdtS8TFpNXheNgUMQSwekinYhextNFLJE8LdKJamJbrBYWl81i2Zhcpt1qNPFsZjbPwmSyrRa73UQsUZou0ole7vJ9_pLNcLZcbTYT9R8ZYrmZS3ZzxWiuGKwSAAAAAAAAAMAS5sybAAAAAJwGtRjuNqvlAlTsOekCgwAAAAAAAOyqSIVbmEO53hQ3fjwxD7PLc7P87aany_IWOu0u05UBJszWmDd7Joi1Wi1rAAAAAWwAAIAAbt28BZxXcg!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: EF3F73F8D5DEF7A4CEC8E3E93D260CA2
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&adk=1812271804&adf=3407277731&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410249&bpp=3&bdt=747&idt=533&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&nras=1&correlator=7627605533712&frm=23&ife=4&pv=2&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.886dxwl8r4mt&btvi=1&fsb=1&dtd=585
Frame ID: 7C4AA181805924054C8A6ACD727C0FB8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410252&bpp=2&bdt=750&idt=619&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1830&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.irexm87b3t4q&btvi=2&fsb=1&dtd=668
Frame ID: EF1BA69E4120EBAB0DAA29893DCAD689
Requests: 10 HTTP requests in this frame

Frame: https://fino.svc.litv.tv/acs/rts.html
Frame ID: D952F43F4E6CD74AEDA89E8CD07B82DD
Requests: 7 HTTP requests in this frame

Frame: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
Frame ID: 9DEFA2B2476E4B9D9DA0E928955A67ED
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C24A3F369FC8E65A9122CC4EEAED7E28
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6ED6C7ACC8364F46FC67FB041F5FEA78
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Frame ID: 5FD370ACE22371A71C3FFB73168E1353
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.510.1_zh_tw.html
Frame ID: A89D9A26AB8A3AB79A33D9420BD14317
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 975E483A23B3F9D56228792E5A831A1F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AD89C500DB90FFFD81A16AAA3A4DDBEE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9E6C305A518B6B9AC37D7674B36C882D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F347E4999CFB830B4D90D610EEEA8827
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6C94CC6010CC80E2FA8D3AE0AE0467E8
Requests: 2 HTTP requests in this frame

Frame: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Frame ID: F8257062342DC2EA1AEBF136481B3339
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1740840196959600
Frame ID: 6435ED6958481BBD3106FEA8691097C1
Requests: 9 HTTP requests in this frame

Frame: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 559D73D2CB22B17CDD513E3B42CC5B9C
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMYq9bNxgEwAQ&v=APEucNUD1YNHdKt7CIDIlcrZwePizVlTD7gXGuvL2lEYZmoDUuZiWhiMFCvOpw3m4UjIIvBoufGTHgYQA_DqTjSBVByiuaEZTLtyr5arSAv45XdESo9pR6-7rKNNXSFPDTotqWDBho8scVFJ9Ud4mesqP1nyC_hcO6mjAqENzOCftJvbbBCJvL0
Frame ID: 0B64B13E428E02E237C08A9D4BDEE927
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.510.1_zh_tw.html
Frame ID: F5BDF118436F97B5E10A9757A724DABD
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5F8F5945EBB884E80AF83FE1C2BDDC6E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740840196959600&output=html&adk=1812271804&adf=480832060&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420412739&bpp=3&bdt=182&idt=353&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&nras=1&correlator=7627605533712&frm=23&ife=1&pv=2&ga_vid=1746851889.1650420409&ga_sid=1650420413&ga_hid=856103074&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=580&ish=400&ifk=3581017202&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064019&oid=2&pvsid=55169206926762&pem=129&tmod=1527544047&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.9oib94gwgfq&fsb=1&dtd=389
Frame ID: 2E4C7F47B8D77E54B03E1A616DAA98E8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740840196959600&output=html&h=400&slotname=4874654900&adk=3033242791&adf=2751418291&pi=t.ma~as.4874654900&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420412742&bpp=2&bdt=185&idt=519&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=1&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420413&ga_hid=856103074&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1116&biw=1600&bih=1200&isw=580&ish=400&ifk=3581017202&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064019&oid=2&pvsid=55169206926762&pem=129&tmod=1527544047&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.8m9rx1id11s0&fsb=1&dtd=525
Frame ID: 6C3F496F65E8048DF5163674F78DCAAC
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F7DBD3228C4055878141C2B735DD1D7C
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9149102723359337108/index.html
Frame ID: 8A817DC0BEE85B9092EB640D17915CB8
Requests: 24 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 2DED8D1DD1D613C9E88D5888FE879CD9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5119A17BF7C0DD2BEBC6C0DA1EF86EDC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 061FFFE1A976E646F1882343ED910A95
Requests: 9 HTTP requests in this frame

Frame: https://code.jquery.com/jquery-1.9.1.min.js
Frame ID: 659775D4C545A0DF04D1670AFC4456A7
Requests: 11 HTTP requests in this frame

Frame: https://ssp.hinet.net/api/web/request/?c=2017003&s=201702000008&t=1650420408428&u=645f1f83-8da9-451c-b42f-b9f76357727e&o=KnUkW&show=static&ca=&k=&cab=&kb=&mode=roll
Frame ID: 7E1090ADCACF734DBCAC2682B0A56405
Requests: 20 HTTP requests in this frame

Frame: https://code.jquery.com/jquery-1.9.1.min.js
Frame ID: BD286753E73BC2E52564C3445AC892E6
Requests: 12 HTTP requests in this frame

Frame: https://code.jquery.com/jquery-1.9.1.min.js
Frame ID: 1B1FB86032E9ABCE4255110985321BBC
Requests: 5 HTTP requests in this frame

Frame: https://ssp.hinet.net/api/pixel?bd=626a4780cd7c28c1d9b5000d29462049dd6fd0db616f157aef8117f7b3492bcf&ch=2017034
Frame ID: 49E308350E8DC33F10EB8CE97D116F88
Requests: 1 HTTP requests in this frame

Frame: https://ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/625d3326855d9.jpg
Frame ID: FECE7FC6328AB904AD90A9E9F3C36F6D
Requests: 1 HTTP requests in this frame

Frame: https://ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/625d3300360e1.jpg
Frame ID: 4F1FAC6D526D08CC6F96A49480D63E31
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Frame ID: DC86336DE4FAE0BA38451DCB8CBAE68D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 366FC02E380CADDDEE35E2E2575A9327
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4C2F4D22DC72C905FBE7EC2C612A896B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5C87ABBA8923971EC1638F45F2032003
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7218F2DA753F895F3767C93B37E231DB
Requests: 2 HTTP requests in this frame

Frame: https://42fbc773b1deded427a8b895ce413d22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9ED6A5AAD53F96A51D529D7A98801F8F
Requests: 1 HTTP requests in this frame

Frame: https://14caa0eb8c9720740e17322578407696.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F9AC90B043AF13D868B1EDBD427E9722
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpzPLWds0x-04pzuAhvUiBqPM7EzGC4W_qkUVZQ-EkFQd6pAdW6zoGTOH5aX5EweRsxMTlmD46Zu4scMXZQFryqf_Q6oE4567DqfdJho5N-rkOpjAKEZITAUDDomDokiBnhYsoWJmZWJLD5368C68YvsqcgE2iTc5P8YYruXylFj2zBjCSHznUGR_jKeKK_dSWJ1EGWOIew93rSex9z4xiPcqtJ13OXE2VejtrkrRO6dHZkWOEWzlejf1QaOO3adgALv9235xuCjnvVy6NzQJFe8eucw-qQgqIuBk_T70jHupBnZtukllwrFFt&sig=Cg0ArKJSzDn92wsXVNsvEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A18F8A15D70B8C4F405E8AADB7BB8986
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTnvL4uf990eOwH15vkHBfOEhU_rXizOGdRkawg3cNBWn1h9TOqzsnJbjd7YwbnDL3oBbGCmTfAc_D-qm4NP3J2_4jXpl_1nVXVN9kZ7MN3a7QwppxLn6yyeG32F3L5LNYwxfZEtDsyxErlcux0rUoqf9GUO8PA6s2_XjF3DSC3mFHCrZ815YgZA2XFMIWJE5hx_vxVflC0yDXWCizts90JvNCKttc5xDgKr83e378DnHtZaFP_abro0TgPh6yNgBOtgXT4kDntQLl1F1PnCgujXUhWFQg4IGAxoPryobzM_uqDQDFn9JMjZmk5M3tT6aYYIvt&sig=Cg0ArKJSzFsMwuWo72tKEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A2B7EFFE52633D20A493B164D20528B9
Requests: 14 HTTP requests in this frame

Frame: https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 9339A2860F594C873AD3706CA7490E6A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&adk=1812271804&adf=2662694623&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420421151&bpp=5&bdt=508&idt=264&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420421&ga_hid=161013570&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=3799455184&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064018&oid=2&pvsid=1067251748401404&pem=129&tmod=813030052&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.8mqaf5vfdg8m&btvi=1&fsb=1&dtd=322
Frame ID: 8D2D78F986DAC87F835D4BB0D293CE25
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=250&slotname=3089906698&adk=1280429565&adf=3171381554&pi=t.ma~as.3089906698&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420421156&bpp=2&bdt=512&idt=382&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420421&ga_hid=161013570&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=2914&biw=1600&bih=1200&isw=300&ish=250&ifk=3799455184&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064018&oid=2&pvsid=1067251748401404&pem=129&tmod=813030052&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.cv3feg77v16r&btvi=2&fsb=1&dtd=393
Frame ID: 06CF53234D24EEFCEC49CFAFC864BA60
Requests: 1 HTTP requests in this frame

Frame: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=667&acid=LaWLuHDKDi6AkkT0xWpfYg&id=id0jmux32qfexrqfq
Frame ID: 3A9BB3EACB15418E79E757EFB68EA8FF
Requests: 3 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: BCD37F61CF5B5B743907A22C55D68399
Requests: 3 HTTP requests in this frame

Frame: https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 840505C54DD5AC7FA464A8B37F772511
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzg5AEQxrjnARiok_PGATAB&v=APEucNUBs2p2tOLE-ovOd6NuQtUIyCj3vcVea65zz7ghAORWFYAQ-i9TPWH-1Eu4GvghpopOeckatBvjUFMOYnBo89CARw_4uOaImyQqj1tIl0k3MtV4lbOkXETdeAurhDUMBxdFDXgieICZe8a1WNhGZBBlAAJfNwLJxqzoCyOCWuPN4biyfcs
Frame ID: B6764D56C076CE07CF34DF2247349A8F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cn47nxmpfYtaED7eX9u8P0cGtsArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDU3NjU5NzIwMTYzNzQ3yAEJqAMBqgTUAU_QTJaGlxzW5NWIu-_Ivy35Fm16wrnIn3CHjSS7OAlqqWUV2KIO5VOspjVivBq1xy2Cdzi_s2nWMXsFumY3XyscmMQqNhNqw_DlSyWTW3SviXnhtrcvfL9zIbvPEmrpqs1lOJ68eL1xdZmsbtu53ljg58DsiaTEwi4L46KqNIc60Y7XLCRFXBwHgS_oyj4xU5isfCZgxxvbRwAqYQzjwYWD3GSpxnPp8PkYHsD7Yi0pGVXghtBndzL_DzTXeZkhWz2mf1YcUC1RkIbvOyLTiBPrOyAOgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDQ1NzY1OTcyMDE2Mzc0NxgA&sigh=UNNCFvMKB8s&uach_m=[UACH]&cid=CAQSOwCNIrLMzTZxhKU89wKe6VRMWPPCaIgEqNp_FLDygcw85KAgRdm53m_pgeFP03Ac7oL-JN8hWsRd9rxwGAE&tpd=AGWhJmvOlZhxr9UXJ8VglyRNeTJpgslJKtBFY52hoAatZybqP5Wh7MRYJ8sbGPJeHz4pPDYrZMdeD-83Kar7NafAqUtw8dcuditTXkHTDcInXJtw_qjM8bCvF0rfEF_Ccrj4fCAWOogPIQEJY4e7WrUjfiE3FjLwrZD64kw4oBJu9quIkPsdbKA1YtzhdcxMA4UynNf58HTAJpoAmNuD9k6Zm6wbQd89WdFFGHv-a3VY2Q1DorMgS12wcxI457jydo6aXQwoQPNF6tpjybl51_WCDTCnvwD79H88HGV6SPUn927rGvA8pcWGGEFJe_B7EdQ5lYjPbfv14Jjs_OzXq6ZwTo62B88KvoYAlo6wI8p7sOsKY8UUbH4ylyNgRrzN1e885sN_AF6uVLtwpJorKxOhyg8Iao3kDwjKN9fSh4SKd2zbLvLNsqSJX1HJCQguAeZvbPfp2aUokBTrppqdYevrKdpirMI9cDHcbqq9oU4x6WcygRT3VYdpxhHBAf3mlq5NM4mW61YCRi0AbOp5GEcyk7al6wpQDVGLhMJASN2GVHyzseEuDCeKVqBliYC1UlV0qKTI67WZlGmanzswYBjJZ4fCwWn51vhg9BmZf1Uqpn37JG9ZGlkcLMlFdWVRfC5wX_cXJaANsnhFPRKZxkH73SMZTQ8QFl07_Ks9Q266GpQrb8Tjw2JRai--7vMDVN2bwYeaX6GBoWTZsc6OBV4pag-6K4sHAK16URiA3RUvjcBHdipOtKsPYbt1nUEywCbvovMSsBRhAZQTrT1dDJ9pc9dQsgk9HsyrLNpRQ9Hb6U7l8V0kCDBXYb6KKZ_ntCHO84apVn_u3Y8lUIbYpdwidrz6iEedSu7Scsqr_45gige4yt2u_hNUVZbY3P58fCUwwFIt3M4n-9gfhZsAyn1ND_XPoYeyt0x7sFhS1wZUv-6Vj_n_L1TYcimFjVf2dLoMXhLninE17DiJduU5vPTcxwJ-XiyMnIl_gI89nuIAms2gVImIVIuRanhngDhc22zeazBVjywmntqUM-aGG_fosIpb_Sj3ylOwaw5jHMMyMqjfAXAht5HNPuY3Nq8M9_tI_Q
Frame ID: 8B74F7B3B282B724783D4E16A2832E26
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/index.html
Frame ID: EF90E2D5F5786CCA432E56054A6FB292
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9A67AD7B0C5DE072693F94C61BC5C09F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8DA135099CB29F6FB29DEDDA93343A28
Requests: 3 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: F1D302BA9B5546AB5A0369C275A24E56
Requests: 17 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: 06F7D875F24FB808409983FE4D3C2943
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CF41E7BC4448FCA3CB7D602364CBFE85
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D790AA427681A558D0C778C94E708C4D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7951587FA71CCB5AAA9B138DCA953104
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EA9A078E4328EFD4DD02FF7509203FD7
Requests: 2 HTTP requests in this frame

Frame: https://05f1498154dc10d3a52a98ef22f6b0c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: C4F99918FE8B42F86A78B09D12A56901
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2Zv6GOw6BhZOKRYAslEvnHIHOyl4N5-2f_aFv8TAYboJHEyogcHzzS-a_AJ7vpncgJY_cXDv-ltbp55A66H-kuYXtS1ZagN3IovNye7K-f64MAP8IsLAIMSYGcZa0Bkjm0CFcjwUx1ad4UuIS7p2eg-VIDrdI264KI5z6SOqISodOD6cZiniB2DkTEcawKKsx6BD-icY1hJwkj8ial5qVhD0vaGfn4S0FT9QVPuyKpHPshaY_n1z9ZLDxShMkf19fEeCL-YYPGSITaitVVCV5wuYHQhs4-mMX1zp-_y50Fj9atCgVGxDiVg&sig=Cg0ArKJSzE_pYizS-TmiEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DD7EAE8C1EB93070ADAA87919381471A
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPne3pjHofcCFTlIHQkdR48Lcg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9026309386152.87
Frame ID: 6251EB5932B5CE2C22E7F5F8153AA1C7
Requests: 2 HTTP requests in this frame

Frame: https://hal90006.redintelligence.net/request_content.php?s=68008600011858500951399011935006&a=9524f9c0
Frame ID: F8BD8FCF1978C97581529A705C0362E8
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 584283A3C9918A484041AFFF4506BC3C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0A4661F2854BF461CDC08098C4B8CF3B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F3FD0C0DB947D70B83BDD23D6D2D41DE
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 4C5C2B0C17C85F8427EDAD9E9F798695
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 461ECA18B32D9890BFC1C724AE012413
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C3D1C4F1DAEEB31416D81D85967F87D8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0C5C358678A4FD3233AFE2BC01C3296E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CA384A5A45E95FF60EE63CA245582DDF
Requests: 2 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: 54A000B57003E4C5D9A563336A355AEF
Requests: 3 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: A479F6A4BC0CE28F40E2E523EDF11195
Requests: 1 HTTP requests in this frame

Frame: https://ed759e07329150df5cf259c3fece2575.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: C2A4CB141054FFDEA392E843879DECD1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss78BFI-imsx2vhHGX7avW_o4QPHMQRdiJvpGMIS7mi9TugWtscYsAQg6li7npdC7gpsyrEaWzixpo9lUimYEz32tc1IvqwBWvdguI2IZLVjbivkz2NXoLyAfEzfL2qV7uoip8HY9Rb6wg0wXGKCEDFG9UmbhIBEav4SWcHaJMOmWCenbXijiBPH5V2oP86r_XKD75OqGWgs11cYsewVajGDdeOCAXG7cgZWJRUmEJpiFUHCc03Vd1alqNPBYCnHHBlv-tpBFMRSBANGpgx8hY2GR5OTi5b7-lBUHzqqgz4JR3f_kiPxdzRZzhU93okobnwWQ&sig=Cg0ArKJSzI7723zsQQtAEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E69FB5FE93580E00B3E12592C326C477
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&adk=1812271804&adf=2662694598&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Ftimes.hinet.net&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420426948&bpp=4&bdt=741&idt=100&shv=r20220413&mjsv=m202204180101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&nras=1&correlator=1795433715493&frm=8&ife=4&pv=2&ga_vid=1746851889.1650420409&ga_sid=1650420427&ga_hid=451399582&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1730313683&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067068%2C31067164%2C44761537%2C31061828%2C31067150%2C31066185&oid=2&pvsid=2023639261504748&pem=53&tmod=420444723&uas=0&nvt=1&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.qykj0xl5p6kf&fsb=1&dtd=137
Frame ID: 715055F8FB52966D9516F9C736931993
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=5905656858&adk=967909671&adf=876643155&pi=t.ma~as.5905656858&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Ftimes.hinet.net&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420426952&bpp=2&bdt=745&idt=145&shv=r20220413&mjsv=m202204180101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=1795433715493&frm=8&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420427&ga_hid=451399582&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1730313683&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067068%2C31067164%2C44761537%2C31061828%2C31067150%2C31066185&oid=2&pvsid=2023639261504748&pem=53&tmod=420444723&uas=0&nvt=1&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.eiiz9lbebpnp&fsb=1&dtd=159
Frame ID: 1F77A77FE923568D42BDE8AD9FEC2B5B
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kckxjfszspkxc6n65phzz2ys47scgpyfj1pqpartt2d5atqjv4myjwakgy36z30v83smn4ns9kbre2t5mjva8j04jf5aq87fhsxbpf8aaakg2393qxdafz7pc2jfv0j4rekmvrk4b4mr7gchwzvd1zw7839thrfv79yzagk5mydbbwb2xe02nrbgxe9hcks91qp7x4cbdcybyn2q5zaxpz8373kdh74dfwj7wqv2418bsy08aa7qd4tatm36vq9cztekgm3aaq1k9npf2jewfdb7mwbbta6kad6e7kbymhhst6e3nd50s94dn4v3dcqed5fhcqpvgec2xnj5ppq30d383xh2wbxbdahx5a68vk5s1bvpnxzbvtpzx0j7x42fv2fa41k34xxx2vex5asda0vyywvafax82c4sfgfqgyxp80eh5k9r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%26client%3Dca-pub-1311151640559524%26adurl%3D
Frame ID: A39C561BC6B052E342E7CA00F2F9DD9C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4547A7103C1A77771C08EC10F52A4DA5
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 1679C31DA1267C5F5E2106916974BFBF
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C161594&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg&c=300&d=250&e=kNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2&g=75e2e0e12ed8e06c79e0281a6d9eb004%2F12491391463658526478&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650420428807&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzttetbp0s3bamsjjwd8amq90ket490m9qey1vznv5d48hmdtgzq7sxj8kzshy61mante2dzsv1nhr88yhwz98jt8k7nk7720agc3dxzqhf8j85ybc0437r07a5xka25xass6sq0c5hrqc2bsd7s74gvnmp631y723wesjvdf1dvjw92a4jmc43zvp3vnfmwfywdhjk61r6e8amcrxbjzh6acfnhsg4p2mhh3yr9ymc7nvvga27n3k2zb301yg5rghyret9rveeesh5dapg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%2526client%253Dca-pub-1311151640559524%2526adurl%253D&y=1&z=0
Frame ID: 28A0D546CDB9BD68A097146F81154348
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 117CB0C6F4372D31C73B837776E803CE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 161596B303E9F5832F50D392E3121090
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5E2FE965653314C6D042892E9E29C7E3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 161DCC62669CCBB192329B9E48656915
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7DRoCFgNtpPJ1wQcE2gRtpPJ1wQcE2gUAAAAGBvQHGsWZsWa85WoxmwxWw9FusZiNhrvlaDYawkZxZqwZb7lazCaD1XC0GywGu9FqN5nMhlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73lCCptPhc93rRU-3y3MXOu0u013uMv3lLt_nL9kMZ8vVZjMHAAAAgAcAsZ4FiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIXccA0AKA6DdtpNLrs_AAAeHkAAAAQwSAAO1J9KAFxexk8AAAAAAAAAAFj-____YwbubfZlBvw5vnoAHnwAHogKEIsYAQAAAARvOCgcTeqEyqIKAIAg3QrgCgAgAJAI11w5DAAAQEBMqX4juwQAS3ZsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCUX1xKUFPczMqP0CAgCs_QICALCpGwDAmwBcyJWg6XT4XPd60dPt8tyFTrvLdJe7TH-5y_f5SzbD2XK12YwuAFYXELMDAAAAuPv____HU6rfyC4BwJLVA6nlaLAabSwT53I5Wm42s5FnshsuTBvbymPxeCzbw7FNoElOt9brCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIkwvfwjXzbNaSjWW1Fo0mi7XENpitZQ6Lx7RwrByO3WIten1Mz9VwZtgMtygYMLIXwUU60TzMLs_N8rebni7LW-i0u0wXsURzskgnssu-tRwNVqONZeJcLkfLzWY28kx2w4VpY1t5LB6PZd9c-BaumWezlmwsq7VoNFmsJbbBbC1zWDymhWPlcOwWa9HrY3quhjPDZrhvzFaD0WQwGgz3jdlqMJoMRoPlvkNn-K4-Z6N6u9Z6bE6_NNu12BwGhctg8f4kpsW0OzuYTr6jU-eQLos6o-_6PXoNCs_BY5ooU2KdtS8TFpNXheNgUMQSwekinYhextNFLJE8LdKJamJbrBYWl81i2Zhcpt1qNPFsZjbPwmSyrRa73UQsUZou0ole7vJ9_pLNcLZcbTYT9R8ZYrmZS3ZzxWiuGKwSAAAAAAAAAMAS5sybAAAAAJwGtRjuNqvlAlTsOekCgwAAAAAAAOyqSIVbmEO53hQ3fjwxD7PLc7P87aany_IWOu0u05UBJszWmDd7Joi1Wi1rAAAAAWwAAIAAbt28BZxXcg!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 3FF2FD946F10433B8CB96773689B94BC
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

日圓匯率大跳水驚見0.2315元 再探近25年新低-財經-HiNet生活誌

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!--[^>]*(?:InstanceBeginEditable|Dreamweaver([^>]+)target|DWLayoutDefaultTable)
Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • mustache(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

895
Requests

93 %
HTTPS

35 %
IPv6

76
Domains

142
Subdomains

104
IPs

12
Countries

11706 kB
Transfer

27888 kB
Size

94
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1650420404000&ns_c=UTF-8&cv=3.5&c8=%E6%97%A5%E5%9C%93%E5%8C%AF%E7%8E%87%E5%A4%A7%E8%B7%B3%E6%B0%B4%E9%A9%9A%E8%A6%8B0.2315%E5%85%83%20%E5%86%8D%E6%8E%A2%E8%BF%9125%E5%B9%B4%E6%96%B0%E4%BD%8E-%E8%B2%A1%E7%B6%93-HiNet%E7%94%9F%E6%B4%BB%E8%AA%8C&c7=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1650420404000&ns_c=UTF-8&cv=3.5&c8=%E6%97%A5%E5%9C%93%E5%8C%AF%E7%8E%87%E5%A4%A7%E8%B7%B3%E6%B0%B4%E9%A9%9A%E8%A6%8B0.2315%E5%85%83%20%E5%86%8D%E6%8E%A2%E8%BF%9125%E5%B9%B4%E6%96%B0%E4%BD%8E-%E8%B2%A1%E7%B6%93-HiNet%E7%94%9F%E6%B4%BB%E8%AA%8C&c7=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&c9=
Request Chain 122
  • https://www.facebook.com/v2.3/plugins/page.php?app_id=169777559824026&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1082f00ca935f8%26domain%3Dtimes.hinet.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimes.hinet.net%252Ff2f5818eb53b738%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FHiNetnews&locale=zh_TW&sdk=joey&show_facepile=true&show_posts=true&width=300 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D169777559824026%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1082f00ca935f8%2526domain%253Dtimes.hinet.net%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftimes.hinet.net%25252Ff2f5818eb53b738%2526relation%253Dparent.parent%26container_width%3D300%26height%3D500%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FHiNetnews%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26width%3D300
Request Chain 247
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=8b3f0944-c04e-11ec-8bc0-19da87bf0206 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=8b3f0905-c04e-11ec-8bc0-19da87bf0206&orig=video&us_privacy=1---gdpr=1&
Request Chain 250
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=8b463b73-c04e-11ec-8e64-1891fad20406 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=8b3f0905-c04e-11ec-8bc0-19da87bf0206&orig=video&us_privacy=1---gdpr=1&
Request Chain 299
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDEyjI4IQvZq_3yI0PLkwY4&google_cver=1&google_push=AYg5qPKoYsbUD9p9XTgWtX77pVDl5HRulhlO8HMlk1uyFVbC9rHJORikziJopcFdnHxTM3GlCJDPolYNYDDuZeB_w3l6cSff6aaV HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDEyjI4IQvZq_3yI0PLkwY4&google_cver=1&google_push=AYg5qPKoYsbUD9p9XTgWtX77pVDl5HRulhlO8HMlk1uyFVbC9rHJORikziJopcFdnHxTM3GlCJDPolYNYDDuZeB_w3l6cSff6aaV&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IoyaC54qQz6mybnIeIjyzQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKoYsbUD9p9XTgWtX77pVDl5HRulhlO8HMlk1uyFVbC9rHJORikziJopcFdnHxTM3GlCJDPolYNYDDuZeB_w3l6cSff6aaV
Request Chain 300
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKNqyZwWUM33eFnGlhHyw4Y&google_cver=1&google_push=AYg5qPJtasOJ_ll7LshGjMP9pDXJ9GTOYe0JwR4l9jod91e9fgrWmM4x7NU5dGbI_zgvn03s0__xxbn2cfLKoqN_OQYOnryVf20TFQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI2WFA4SzQtMUEtQUswTw==&google_push=AYg5qPJtasOJ_ll7LshGjMP9pDXJ9GTOYe0JwR4l9jod91e9fgrWmM4x7NU5dGbI_zgvn03s0__xxbn2cfLKoqN_OQYOnryVf20TFQ
Request Chain 301
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c
Request Chain 309
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 401
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjeyhUb_XOUHNVClEUrbls&google_cver=1
Request Chain 402
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yl9qvP1aPy1o8obiwowjQwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjeyhUb_XOUHNVClEUrbls&google_cver=1
Request Chain 403
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA-8Vg2KbB0zRmQC-uqlP4g&google_cver=1
Request Chain 404
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAwODI3NDY2OTc1OTcyNzQ0OA%3D%3D
Request Chain 450
  • https://fw.adsafeprotected.com/rfw/st/996673/61756195/skeleton.js?adsafe_url=https%3A%2F%2Ftimes.hinet.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:ff7f3f86-8b20-298b-9621-314a39f83ee1,c:ahReKx,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-656457b855-n69xh,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:561,fm:t3vtRn2+1111%7C112%7C1131%7C114%7C1211%7C1212%7C12131%7C12132%7C12133%7C1214%7C1215%7C122%7C123%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a14%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p%7C1q*.996673-61756195%7C1q1%7C1q2%7C1q3,idMap:1q*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:598,oid:8c7543a8-c04e-11ec-8fd0-ce8e0bccee07,v:19.8.299,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 456
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMIsc2XGYqluwsMFe_WSp9I&google_cver=1&google_push=AYg5qPIANgOdlJ0X3aacXUySbswl5IbZw80_v6A0cryxwH6HEK028hizSnJmyTUTZ8sCXySpo5PMB_b3LsKf9XYpeGJQ_xxRUb5F HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIANgOdlJ0X3aacXUySbswl5IbZw80_v6A0cryxwH6HEK028hizSnJmyTUTZ8sCXySpo5PMB_b3LsKf9XYpeGJQ_xxRUb5F&google_hm=4Xfhv2FTLXwtWGktNPRKTw
Request Chain 457
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEBRrILT_-tFmwu1iT17rtUs&google_cver=1&google_push=AYg5qPK8vq2Q7WobQg962OwZ7Hs481vevMavIONiiwo8v6yFdwl5mLxz7GwennNzje1l_rjFc2ha-gRxzBUYH4Yfmu-wHBZtNg3JOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPK8vq2Q7WobQg962OwZ7Hs481vevMavIONiiwo8v6yFdwl5mLxz7GwennNzje1l_rjFc2ha-gRxzBUYH4Yfmu-wHBZtNg3JOw&google_hm=Q0FFU0VCUnJJTFRfLXRGbXd1MWlUMTdydFVz
Request Chain 458
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJxWr-FfRD3xrcfZizjQc90T1HxD7zMi2YfZRYmPNFhuFPHf9NTB7wObaPyhGZOJtvGAq7pdvvFsqbiQ8z8qfxUQwy81WaMiA&google_gid=CAESELULovubTG-T5E-2mxtWiak&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCL7V_ZIGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BWWc1cVBKeFdyLUZmUkQzeHJjZlppempRYzkwVDFIeEQ3ek1pMllmWlJZbVBORmh1RlBIZjlOVEI3d09iYVB5aEdaT0p0dkdBcTdwZHZ2RnNxYmlROHo4cWZ4VVF3eTgxV2FNaUE HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTzhiMDVnQndmclVpQWNOM0pJWjVlTWpMYnVrQ3ViVTFkTHpCUmhBMHpuTQ==&google_push
Request Chain 459
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ38L19TtP39vNQbxJl_PTCYkyrwZ0A63EtyOVncuM8ljV7YinWv8O4rfLl5n65eIgwC_DQPZ5r1z8gscvyjZxxuRvETfcAeg&google_gid=CAESEBibMQZc4U6fTL1i9SvdibU&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ38L19TtP39vNQbxJl_PTCYkyrwZ0A63EtyOVncuM8ljV7YinWv8O4rfLl5n65eIgwC_DQPZ5r1z8gscvyjZxxuRvETfcAeg&google_gid=CAESEBibMQZc4U6fTL1i9SvdibU&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MjAwMjA3MDAwMDA4MDU2NzU4NjQ4MA%3D%3D&google_push=AYg5qPJ38L19TtP39vNQbxJl_PTCYkyrwZ0A63EtyOVncuM8ljV7YinWv8O4rfLl5n65eIgwC_DQPZ5r1z8gscvyjZxxuRvETfcAeg
Request Chain 461
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA
Request Chain 462
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEP2VsMJ7k6sfjbUwZl5zS-U&google_cver=1&google_push=AYg5qPLxZ0io8yBMNyLkAC3I7Tu3A0Lmza1xjyFenlWksoOlhjh5AHxd3uai5NAD3gP_TTwQK0GyVIxM4katUIuKnb2TY3mJC_dy5w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLxZ0io8yBMNyLkAC3I7Tu3A0Lmza1xjyFenlWksoOlhjh5AHxd3uai5NAD3gP_TTwQK0GyVIxM4katUIuKnb2TY3mJC_dy5w&google_hm=jDJnIroMR_6oXB78XdNV9g
Request Chain 496
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMIsc2XGYqluwsMFe_WSp9I&google_cver=1&google_push=AYg5qPJ7lfJmCgbm-WtA_hwhcXDNCsnKRI4f6BesC1eMYS13iOAPhtvAQpMPbqWfDRkF9ACkPKK6v_UESoek8YbwkhyZBVSLmvk HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJ7lfJmCgbm-WtA_hwhcXDNCsnKRI4f6BesC1eMYS13iOAPhtvAQpMPbqWfDRkF9ACkPKK6v_UESoek8YbwkhyZBVSLmvk&google_hm=4Xfhv2FTLXwtWGktNPRKTw
Request Chain 497
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJpnw0JvPMPRlDcgE8lgA-D6VuS9xqKgDmBGXgOSXx7w3XOCk2b1vGlc9BZyPVLiCrkW50J3QxbK6CAniysTUM-UV2OgLJF&google_gid=CAESENBynCLK2n9V-2fAtKjQP8w&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWw5cXZ3QUFBSm56b1FQMA&google_push=AYg5qPJpnw0JvPMPRlDcgE8lgA-D6VuS9xqKgDmBGXgOSXx7w3XOCk2b1vGlc9BZyPVLiCrkW50J3QxbK6CAniysTUM-UV2OgLJF
Request Chain 499
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDEyjI4IQvZq_3yI0PLkwY4&google_cver=1&google_push=AYg5qPI4XaoKBamjJL1wD604HbvEsY0W1f2MBtNaDPE7rgYgkSjw9dEdweKBtWxSiQAqd-OBsECjIphmDtx2QAl-58CcV772w6Yv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IoyaC54qQz6mybnIeIjyzQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI4XaoKBamjJL1wD604HbvEsY0W1f2MBtNaDPE7rgYgkSjw9dEdweKBtWxSiQAqd-OBsECjIphmDtx2QAl-58CcV772w6Yv
Request Chain 500
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKNqyZwWUM33eFnGlhHyw4Y&google_cver=1&google_push=AYg5qPKFLspwoHt86WeEii0G9re3BI-ZwSRwzGxyUkF7jKYKWlALpglciy9tnQzSFuq9YPm9WVpi_AcW7CZKetdYLDX33upNPNfj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI2WFBBU1ktMUktRExVMQ==&google_push=AYg5qPKFLspwoHt86WeEii0G9re3BI-ZwSRwzGxyUkF7jKYKWlALpglciy9tnQzSFuq9YPm9WVpi_AcW7CZKetdYLDX33upNPNfj
Request Chain 501
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg
Request Chain 518
  • https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUut9M-f HTTP 307
  • https://gocm.c.appier.net/apnnet?hzid=HUut9M-f&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fzone.js HTTP 302
  • https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=05tGHtxIAXqiVuioxWpfYg&hzid=HUut9M-f
Request Chain 528
  • https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=mhA69ro1 HTTP 307
  • https://gocm.c.appier.net/apnnet?hzid=mhA69ro1&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fzone.js HTTP 302
  • https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=LaWLuHDKDi6AkkT0xWpfYg&hzid=mhA69ro1
Request Chain 529
  • https://times.hinet.net/news/undefined HTTP 302
  • https://times.hinet.net/500
Request Chain 531
  • https://ssp.hinet.net/api/web/exposure/?token=165042041671228db4e541e5aa5d03 HTTP 302
  • https://ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/625d3326855d9.jpg
Request Chain 534
  • https://ssp.hinet.net/api/web/exposure/?token=16504204186521008cf83e3359215d HTTP 302
  • https://ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/625d3300360e1.jpg
Request Chain 602
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=667&id=id0jmux32qfexrqfq HTTP 307
  • https://gocm.c.appier.net/aanet?id=id0jmux32qfexrqfq&url=ad2.apx.appier.net&zoneid=667 HTTP 302
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=667&acid=LaWLuHDKDi6AkkT0xWpfYg&id=id0jmux32qfexrqfq
Request Chain 606
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=980&id=idgj6nm4j0ch2llzs HTTP 307
  • https://gocm.c.appier.net/aanet?id=idgj6nm4j0ch2llzs&url=ad2.apx.appier.net&zoneid=980 HTTP 302
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=980&acid=LaWLuHDKDi6AkkT0xWpfYg&id=idgj6nm4j0ch2llzs
Request Chain 624
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED7rD_xtOlwiqMOgFpYZRT4&google_cver=1
Request Chain 626
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEOM-FPUkMRaeV593AzAy2tM&google_cver=1
Request Chain 653
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIfbqKb5hwRqiv-vOFHb5vQ&google_cver=1&google_push=AYg5qPJT5fW1OpmtQ4ihhs7j85tTC6PohKIAJgOQlTA6ngw-O9sLI9dhUo2kvr9W05KxDnCAqZ52CfpuhE0YRYtzJUzU3Igx-ZyLtg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIfbqKb5hwRqiv-vOFHb5vQ&google_cver=1&google_push=AYg5qPJT5fW1OpmtQ4ihhs7j85tTC6PohKIAJgOQlTA6ngw-O9sLI9dhUo2kvr9W05KxDnCAqZ52CfpuhE0YRYtzJUzU3Igx-ZyLtg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjgyODQxNzkxMjc1MTkwNDY0MQ&google_push=AYg5qPJT5fW1OpmtQ4ihhs7j85tTC6PohKIAJgOQlTA6ngw-O9sLI9dhUo2kvr9W05KxDnCAqZ52CfpuhE0YRYtzJUzU3Igx-ZyLtg
Request Chain 654
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIZlzxuqNcawNG4w3J7Sb5w&google_cver=1&google_push=AYg5qPLoTkRRGuL4j5kc17Pb8cWb9nFEKnW3wSSfmISrvHJJkkvnJgu213zJzYPvvPwIHx5JuZ0yT9kpleUJechuKlG72Yk31qDxkQ HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIZlzxuqNcawNG4w3J7Sb5w&google_cver=1&google_push=AYg5qPLoTkRRGuL4j5kc17Pb8cWb9nFEKnW3wSSfmISrvHJJkkvnJgu213zJzYPvvPwIHx5JuZ0yT9kpleUJechuKlG72Yk31qDxkQ&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLoTkRRGuL4j5kc17Pb8cWb9nFEKnW3wSSfmISrvHJJkkvnJgu213zJzYPvvPwIHx5JuZ0yT9kpleUJechuKlG72Yk31qDxkQ&google_hm=2c44c53221f7630db931e875
Request Chain 655
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB0GTi_tA1JJbQRsTbqW4Co&google_cver=1&google_push=AYg5qPKOqz2af1L8aaVwQZfC1AAtVMVMO2zO5Zs_YsFh1Db7N6Mdb_u90IhwU_lctpOEfgU6Z53jYFPQQo5eslR8FJc3i0X09mm_jA HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPKOqz2af1L8aaVwQZfC1AAtVMVMO2zO5Zs_YsFh1Db7N6Mdb_u90IhwU_lctpOEfgU6Z53jYFPQQo5eslR8FJc3i0X09mm_jA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1650420423114 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKOqz2af1L8aaVwQZfC1AAtVMVMO2zO5Zs_YsFh1Db7N6Mdb_u90IhwU_lctpOEfgU6Z53jYFPQQo5eslR8FJc3i0X09mm_jA&google_hm=
Request Chain 656
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMEGrQn_Cpy8GMNA79yqjxQ&google_cver=1&google_push=AYg5qPIg5teFnSwFci2OB-eoMOBaBkuDGveyVKLx1EYqBb2DortVTdC7_St_E7QiruJlI2iywF9rHbgV4ynIDvHjMRZHwXs6CdPrhA HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIg5teFnSwFci2OB-eoMOBaBkuDGveyVKLx1EYqBb2DortVTdC7_St_E7QiruJlI2iywF9rHbgV4ynIDvHjMRZHwXs6CdPrhA&google_gid=CAESEMEGrQn_Cpy8GMNA79yqjxQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0ODM3NDc4ODYyNjQyNDM3NjA1Nw%3D%3D&google_push=AYg5qPIg5teFnSwFci2OB-eoMOBaBkuDGveyVKLx1EYqBb2DortVTdC7_St_E7QiruJlI2iywF9rHbgV4ynIDvHjMRZHwXs6CdPrhA
Request Chain 682
  • https://hal90006.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=17ea9451b9&subid=&uid=d433d7528cc70fee&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYl9qxgAEayEH_YcRzwtJww%26exch_seat%3D20035004448%26mt_aid%3D2819868845750896319%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5581625f-6ac7-4001-8b98-55d7c3284800%26mt_cid%3D5581625f-6ac7-4001-8b98-55d7c3284800%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCqZPoxmpfYtaED7eX9u8P0cGtsArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDU3NjU5NzIwMTYzNzQ3yAEJqAMBqgTXAU_QTJaGlxzW5NWIu-_Ivy35Fm16wrnIn3CHjSS7OAlqqWUV2KIO5VOspjVivBq1xy2Cdzi_s2nWMXsFumY3XyscmMQqNhNqw_DlSyWTW3SviXnhtrcvfL9zIbvPEmrpqs1lOJ68eL1xdZmsbtu53ljg58DsiaTEwi4L46KqNIc60Y7XLCRFXBwHgS_oyj4xU5isfCZgxxvbRwAqYQzjwYWD3GSpxnPp8PkYHsD7Ym8rOMdMOnRg-pa3pOyX1mk8TzcadXgEsZCR0CkVmjz_kL1yhyeDP_7zgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2xjtmN2HOnY0wqGqHmeYBIwnHFgA%2526client%253Dca-pub-4457659720163747%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4457659720163747%26output%3Dhtml%26h%3D250%26slotname%3D3089906698%26adk%3D1280429565%26adf%3D3171381554%26pi%3Dt.ma~as.3089906698%26w%3D300%26fwrn%3D3%26psa%3D1%26format%3D300x250%26url%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F23869533%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1650420421156%26bpp%3D2%26bdt%3D512%26idt%3D382%26shv%3Dr20220413%26mjsv%3Dm202204140101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253D7aeb9a1e9fafdbfd%253AT%253D1650420409%253AS%253DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7627605533712%26frm%3D23%26ife%3D4%26pv%3D1%26ga_vid%3D1746851889.1650420409%26ga_sid%3D1650420421%26ga_hid%3D161013570%26ga_fc%3D1%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1000%26ady%3D2914%26biw%3D1600%26bih%3D1200%26isw%3D300%26ish%3D250%26ifk%3D3799455184%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44760332%252C182982000%252C182982200%252C31064018%26oid%3D2%26pvsid%3D1067251748401404%26pem%3D129%26tmod%3D813030052%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D1664%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D2%26uci%3D2.cv3feg77v16r%26btvi%3D2%26fsb%3D1%26dtd%3D393&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Ftimes.hinet.net%2Chttps%3A%2F%2Ftimes.hinet.net%2Chttps%3A%2F%2Ftimes.hinet.net&random=6955325241770&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90006.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=17ea9451b9&subid=&uid=d433d7528cc70fee&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYl9qxgAEayEH_YcRzwtJww%26exch_seat%3D20035004448%26mt_aid%3D2819868845750896319%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5581625f-6ac7-4001-8b98-55d7c3284800%26mt_cid%3D5581625f-6ac7-4001-8b98-55d7c3284800%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCqZPoxmpfYtaED7eX9u8P0cGtsArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDU3NjU5NzIwMTYzNzQ3yAEJqAMBqgTXAU_QTJaGlxzW5NWIu-_Ivy35Fm16wrnIn3CHjSS7OAlqqWUV2KIO5VOspjVivBq1xy2Cdzi_s2nWMXsFumY3XyscmMQqNhNqw_DlSyWTW3SviXnhtrcvfL9zIbvPEmrpqs1lOJ68eL1xdZmsbtu53ljg58DsiaTEwi4L46KqNIc60Y7XLCRFXBwHgS_oyj4xU5isfCZgxxvbRwAqYQzjwYWD3GSpxnPp8PkYHsD7Ym8rOMdMOnRg-pa3pOyX1mk8TzcadXgEsZCR0CkVmjz_kL1yhyeDP_7zgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2xjtmN2HOnY0wqGqHmeYBIwnHFgA%2526client%253Dca-pub-4457659720163747%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4457659720163747%26output%3Dhtml%26h%3D250%26slotname%3D3089906698%26adk%3D1280429565%26adf%3D3171381554%26pi%3Dt.ma~as.3089906698%26w%3D300%26fwrn%3D3%26psa%3D1%26format%3D300x250%26url%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F23869533%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1650420421156%26bpp%3D2%26bdt%3D512%26idt%3D382%26shv%3Dr20220413%26mjsv%3Dm202204140101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253D7aeb9a1e9fafdbfd%253AT%253D1650420409%253AS%253DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7627605533712%26frm%3D23%26ife%3D4%26pv%3D1%26ga_vid%3D1746851889.1650420409%26ga_sid%3D1650420421%26ga_hid%3D161013570%26ga_fc%3D1%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1000%26ady%3D2914%26biw%3D1600%26bih%3D1200%26isw%3D300%26ish%3D250%26ifk%3D3799455184%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44760332%252C182982000%252C182982200%252C31064018%26oid%3D2%26pvsid%3D1067251748401404%26pem%3D129%26tmod%3D813030052%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D1664%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D2%26uci%3D2.cv3feg77v16r%26btvi%3D2%26fsb%3D1%26dtd%3D393&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Ftimes.hinet.net%2Chttps%3A%2F%2Ftimes.hinet.net%2Chttps%3A%2F%2Ftimes.hinet.net&random=6955325241770&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 710
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9026309386152.87 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPne3pjHofcCFTlIHQkdR48Lcg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9026309386152.87
Request Chain 719
  • https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=979876830 HTTP 302
  • https://dmp.tenmax.io/cmp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cacafly&google_ula=514624859,1650420424&google_hm=aXVCTFlNQk9FZXkwZUNXOXpKRmhlUT09&google_cm HTTP 302
  • https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESEDZLEnDXWBKYKPfneycuYN4&google_cver=1&google_ula=514624859,0
Request Chain 731
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMIsc2XGYqluwsMFe_WSp9I&google_cver=1&google_push=AYg5qPKY6NYKgRgTgbaLHsAtM5aIywNQcCDC2ZkSPYckPFNVYYqW9LYymcrkUwsAFHLm5KbcFwhee46FUtjW1q4XS4fqcw3IuV3d_Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKY6NYKgRgTgbaLHsAtM5aIywNQcCDC2ZkSPYckPFNVYYqW9LYymcrkUwsAFHLm5KbcFwhee46FUtjW1q4XS4fqcw3IuV3d_Q&google_hm=4Xfhv2FTLXwtWGktNPRKTw
Request Chain 732
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEBRrILT_-tFmwu1iT17rtUs&google_cver=1&google_push=AYg5qPIFowFosZUi68s7hkI30NwhrMRslvAMJBA5VNh1jasCfjJ0iBKPKRYGF-ihiZmZghZWSNHUFJbvzvtTHlUsEsoa4bceLg3Ugg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIFowFosZUi68s7hkI30NwhrMRslvAMJBA5VNh1jasCfjJ0iBKPKRYGF-ihiZmZghZWSNHUFJbvzvtTHlUsEsoa4bceLg3Ugg&google_hm=Q0FFU0VCUnJJTFRfLXRGbXd1MWlUMTdydFVz
Request Chain 734
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDEyjI4IQvZq_3yI0PLkwY4&google_cver=1&google_push=AYg5qPKpds_y-z_q8b5aSfj5o-TGAuGlTY3K9s9kiCr0G2cqzf049tXJMLL-hYczPmNYbZ5UsoS1tAT8xDboDIeRQMFeJ1k6-b8d HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IoyaC54qQz6mybnIeIjyzQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKpds_y-z_q8b5aSfj5o-TGAuGlTY3K9s9kiCr0G2cqzf049tXJMLL-hYczPmNYbZ5UsoS1tAT8xDboDIeRQMFeJ1k6-b8d
Request Chain 735
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKNqyZwWUM33eFnGlhHyw4Y&google_cver=1&google_push=AYg5qPJZpR9TMnQ4nvvZoWRcP0rbBeoSF2ImmBFJuMRC5w0QsfB1dLHqiJwua0Vft4OkdO-Cu5OvkQn1aV_E5yfVAvAq602CuYKj3g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI2WFBIWlAtRi1ENTZY&google_push=AYg5qPJZpR9TMnQ4nvvZoWRcP0rbBeoSF2ImmBFJuMRC5w0QsfB1dLHqiJwua0Vft4OkdO-Cu5OvkQn1aV_E5yfVAvAq602CuYKj3g
Request Chain 736
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1
Request Chain 754
  • https://ad2.apx.appier.net/www/delivery/vxml.php?zoneid=9704 HTTP 307
  • https://gocm.c.appier.net/avnet?url=ad2.apx.appier.net&zoneid=9704 HTTP 302
  • https://ad2.apx.appier.net/www/delivery/vxml.php?zoneid=9704&acid=LaWLuHDKDi6AkkT0xWpfYg HTTP 302
  • https://googleads.g.doubleclick.net/pagead/ads?ad_type=video&client=ca-video-pub-1740840196959600&description_url=https%3A%2F%2Fwww.hinet.net&videoad_start_delay=0&max_ad_duration=30000
Request Chain 778
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=667&id=id0jmux32qfexrqfq HTTP 307
  • https://gocm.c.appier.net/aanet?id=id0jmux32qfexrqfq&url=ad2.apx.appier.net&zoneid=667 HTTP 302
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=667&acid=LaWLuHDKDi6AkkT0xWpfYg&id=id0jmux32qfexrqfq
Request Chain 793
  • https://ad2.apx.appier.net/www/delivery/vxml.php?zoneid=9704 HTTP 307
  • https://gocm.c.appier.net/avnet?url=ad2.apx.appier.net&zoneid=9704 HTTP 302
  • https://ad2.apx.appier.net/www/delivery/vxml.php?zoneid=9704&acid=6POSlhyLBM-mHVlSympfYg HTTP 302
  • https://googleads.g.doubleclick.net/pagead/ads?ad_type=video&client=ca-video-pub-1740840196959600&description_url=https%3A%2F%2Fwww.hinet.net&videoad_start_delay=0&max_ad_duration=30000
Request Chain 849
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDEyjI4IQvZq_3yI0PLkwY4&google_cver=1&google_push=AYg5qPKHGLwpA3Nx5DI4wHN8o1Ds_Yy1DYVInk1Xi2WxrqnCpzko9RHl3Dx3neFh0GBxMvx9o18FCLCxqTVDMktweHtRChvFRGtA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IoyaC54qQz6mybnIeIjyzQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKHGLwpA3Nx5DI4wHN8o1Ds_Yy1DYVInk1Xi2WxrqnCpzko9RHl3Dx3neFh0GBxMvx9o18FCLCxqTVDMktweHtRChvFRGtA
Request Chain 850
  • https://token.rubiconproject.com/token?pid=2249&pt=n&google_gid=CAESEKNqyZwWUM33eFnGlhHyw4Y&google_cver=1&google_push=AYg5qPLypFV3xfpfj6ML6lwd2GL1-sUYLa23nEBws93wqnixCbTuQHTRK21Cksvyb5BAHYW2uEUCoQVqyf8TpPeCzJlhPJkld7oO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Request Chain 879
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022042004070967343752997X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush&spid=2022042004070967343752997X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211
Request Chain 884
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhVoneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhVoneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022042004070967343752993X117663V1225131106MSoneidQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhVoneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush
Request Chain 904
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=8b3f0905-c04e-11ec-8bc0-19da87bf0206&orig=video&us_privacy=1---gdpr=1&

895 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 23869533
times.hinet.net/news/ 		79 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
41202b70bfea4411f51298b088d306e05bb070d228ad4c86025796c48b718eaa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
br
content-language
de-DE
content-type
text/html;charset=UTF-8
date
Wed, 20 Apr 2022 02:06:42 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
HiNetCDN/2203
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-cache
MISS, MISS
x-frame-options
SAMEORIGIN SAMEORIGIN
x-request-id
1741f6a22a01dfc3ce544ed569336d98
x-xss-protection
1;mode=block
global.css
times.hinet.net/resources/css/ 		154 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/css/global.css?v=20220331
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
d6ee04a3b930e47e58abe0750df3a68f68392449f9261083bef70fd9caf4e74d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:43 GMT
content-encoding
br
last-modified
Mon, 21 Mar 2022 02:49:28 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
da502cc4388e9aa1c5944fa27be2715c
fltSky.css
times.hinet.net/resources/css/ 		866 B
650 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/css/fltSky.css?v=20220331
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
b59dd2965f58fc20aa2ec6600b3051df031b4ae638b4742e944224f9df43b2fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:43 GMT
content-encoding
br
last-modified
Wed, 30 Mar 2022 10:19:32 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
e1230bbbb8e68c1f2579600193548e0b
jquery-3.6.0.min.js
times.hinet.net/resources/js/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/jquery-3.6.0.min.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:43 GMT
content-encoding
br
last-modified
Mon, 21 Mar 2022 05:42:10 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
27c17d4b0298f6cd300ca691fb9ca708
fltSky.js
times.hinet.net/resources/js/ 		2 KB
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/fltSky.js?v=20220331
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
6030e59b3284c2dadddfb47bb8f1f5446255b8276da0441575b9f61f2b355ea3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:43 GMT
content-encoding
br
last-modified
Wed, 30 Mar 2022 11:11:16 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
e281d6df922e14197f8dda0c3ab047b9
jquery.textslider.min.js
times.hinet.net/resources/js/ 		1 KB
812 B 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/jquery.textslider.min.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
7c905fa103f34e93986a57259d8034d3446a0ff54288f066f2263f177584fb24
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:43 GMT
content-encoding
br
last-modified
Tue, 30 Jun 2020 06:47:40 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
ee4807f0023dbabafc1c27bf75410bc7
swipebox.css
times.hinet.net/resources/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/css/swipebox.css
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
3f17663a307134364af3e4ddc5a97ca0dd14b15aadb0627199151abd18c2e616
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:43 GMT
content-encoding
br
last-modified
Tue, 30 Jun 2020 06:47:38 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
2de8fb2ea094b727838640d27030b260
jquery.swipebox.min.js
times.hinet.net/resources/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/jquery.swipebox.min.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
294593c4aed632598c22cd7ab624e2f37047e9a5c3d5fbb3c672172f307e73c0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:43 GMT
content-encoding
br
last-modified
Tue, 30 Jun 2020 06:47:40 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
8862c5efe6c828e6588f63140b656608
app.js
ssp.hinet.net/api/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/app.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
dda552fe43c6560c271d1c612d6801919e3127613b4a8f249b89120d26ef13f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:45 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
utag.js
t.ssp.hinet.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:45 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 08:43:40 GMT
server
nginx
etag
W/"6215f3bc-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Wed, 20 Apr 2022 02:16:45 GMT
idle.css
times.hinet.net/resources/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/css/idle.css?2020080501
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
41be49b2c1f7e3a3463d40241f8c543e256ffbc279fba84d4ebd27af511b5e6d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:43 GMT
content-encoding
br
last-modified
Fri, 23 Jul 2021 03:53:10 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
449280d371362c93ec7a836d1e382364
ppnio.js
player.svc.litv.tv/v2/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/v2/ppnio.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
097d60c3996431bb755fece421f9c2cd6aa144f5491310209159558ccbf34f81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 08:15:27 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 08:33:46 GMT
server
AmazonS3
age
64277
etag
W/"ff1e9a17f4b084f309e726bb59ce8f2f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
yVes9F6tgId4n3GWJ6irB8tDOyYKWDVp
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
pmN0zK6eeBOdJdmlwzP6S26cRnUK_jZgqMb9z1lMNBm5uoYIYo_47g==
jquery.masonry.min.js
times.hinet.net/resources/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/jquery.masonry.min.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
cdb71be7dca0a2bc583d6a9fcb1e776519d597a9fe39a98fcf0350a9722ac5d2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:43 GMT
content-encoding
br
last-modified
Tue, 30 Jun 2020 06:47:40 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
394fec3ac478d7c62a12b74aec6d4d47
s_af9d68ec-9c0e-40d0-be89-fe8b5210a03e.jpg
times.hinet.net/news/cimages/23/86/23869533/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/news/cimages/23/86/23869533/s_af9d68ec-9c0e-40d0-be89-fe8b5210a03e.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
0ae720a8060fee5c9e6860899e47e736cc1fb27116b04cbd0a8b78baa065c05c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Tue, 19 Apr 2022 10:33:09 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
63377
x-xss-protection
1;mode=block
x-request-id
53daf85a7c1585285ff1e76358964735
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
946daf331884e216278220d16dfab5eb8923bf923f858a75683f35dcd62cad82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28668
x-xss-protection
0
server
sffe
etag
"1191 / 127 of 1000 / last-modified: 1650406063"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Apr 2022 02:06:44 GMT
kayakWidgetnews
trip.hinet.net/search-widget/script/uwl/ 		50 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
837af2328f1892a684bcc45e2f1a01a0936eab43ac3998660687b504443cb820
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
referrer-policy
origin-when-cross-origin
server
KAYAK/1.0
date
Wed, 20 Apr 2022 02:06:45 GMT
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
content-language
zh-TW
cache-control
no-store
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=(), interest-cohort=()
x-content-type-options
nosniff
accept-ranges
bytes
content-type
application/javascript
vary
accept-encoding
x-xss-protection
1; mode=block
sps
times.hinet.net/hamiplus_stat/ 		3 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/hamiplus_stat/sps?dev=pc&type=news&nid=23869533&uid=85f4fc90c04e11ecac8d005056af6043
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
vary
Accept-Encoding
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-cache
MISS, MISS
content-type
text/html;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
3
x-xss-protection
1;mode=block
x-request-id
68a0bb9c1910303aba2a13e20f48aad9
mustache.min.js
times.hinet.net/resources/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/mustache.min.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
4d6f09b49bc8582f0a413c867dfefabaf48920cbb25bfc3d3d760e2848a65f2a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
content-encoding
br
last-modified
Tue, 30 Jun 2020 06:47:40 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
9b4af994ee83542177e6716231bd343e
pc-finance
vatrack.hinet.net/jsva/00000107/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vatrack.hinet.net/jsva/00000107/pc-finance?id=23869533
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.39.224.124 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
vatrack.hinet.net
Software
nginx / PHP/7.0.33
Resource Hash
795f688ec278f53f116dc18391f9a4fe78d499735a13783c4f36a84cced04047

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 02:06:46 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.0.33
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Expires
Sat, 26 Jul 1997 05:00:00 GMT
kayakWidgetright
trip.hinet.net/search-widget/script/uwl/ 		50 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/script/uwl/kayakWidgetright
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
776ce9b5e7bf7789728b047d309f2c334e821491a822ce9def843cd29be52299
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
referrer-policy
origin-when-cross-origin
server
KAYAK/1.0
date
Wed, 20 Apr 2022 02:06:45 GMT
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
content-language
zh-TW
cache-control
no-store
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=(), interest-cohort=()
x-content-type-options
nosniff
accept-ranges
bytes
content-type
application/javascript
vary
accept-encoding
x-xss-protection
1; mode=block
top10_1.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_1.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
bc789c11f792ba3fee7ec986d060f5efc6bea4c2ebc10c05b027ee5549835328
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1093
x-xss-protection
1;mode=block
x-request-id
4f542e097aff3f6116fe0626c97d867e
top10_2.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_2.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
19d30fa994cb314679523d92b8370332697a73e4c1bd72b434d12764ece27f21
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1189
x-xss-protection
1;mode=block
x-request-id
9a52778851950e640c6d28b42d399956
top10_3.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_3.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
3bb5351d59c33c01019ffe6ca2fa98e122b40a0594cc460c5c870d54d62f9aac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1175
x-xss-protection
1;mode=block
x-request-id
a001dc38419dc4c2158f723fd1901304
top10_4.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_4.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
bb3ddc1e9f0657db1d5ac712d5752513fcfb8275e4666fd0c2c21712755237cc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1138
x-xss-protection
1;mode=block
x-request-id
befe0bd7453678d160d9ebb92056ddc7
top10_5.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_5.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
453f130034a0523860d786d602b419f84c966d13bfba58f38762b8d3fc0b2030
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1171
x-xss-protection
1;mode=block
x-request-id
8de3b80a71e971cbeb8f68169bdfb174
top10_6.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_6.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
1b7ccc4002d2466149f4c1434d90876a0fd332dbd744965ca80a721045d2184a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1174
x-xss-protection
1;mode=block
x-request-id
c4e40d87c6d80d86dc4ade8aceda7838
top10_7.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_7.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
c9244ec01b005c2513817a2983888ff8f5e58c6d9766da7fcd9e2f09ee47099b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1139
x-xss-protection
1;mode=block
x-request-id
e881c631b7922feb58de55f282c869f3
top10_8.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_8.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
ae86278189aaa71bbe01e42bc8d08c6998f2aca71c2ce11bcdc05a6b45841859
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1179
x-xss-protection
1;mode=block
x-request-id
19b8dce0404bc0e452b7d37c010519c5
top10_9.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_9.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
da877ad2c44df0beca30c18a53358b832ce9603964a11fa61a1eb059a5493559
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1176
x-xss-protection
1;mode=block
x-request-id
6d8889daf7097c069726f9d856bd81ab
top10_10.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_10.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
5207333941efa23ca5ba590b4f49fb36bd687094f851638156a92f8e6294ac15
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1195
x-xss-protection
1;mode=block
x-request-id
30a8de29fd6a1d660c670bca72973680
18035dc0e7e000006195.gif
times.hinet.net/news/cimages/admin/ 		173 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/news/cimages/admin/18035dc0e7e000006195.gif
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
1a1929bc65c477dc0c4a822a1e35343201bf36ec838eaecfae179b3df160a4f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Sun, 17 Apr 2022 04:50:55 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/gif
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
177023
x-xss-protection
1;mode=block
x-request-id
f1b761dbbc925ba0ed5a8d8930ddf859
17e485324e10000009f3.gif
times.hinet.net/news/cimages/admin/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/news/cimages/admin/17e485324e10000009f3.gif
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
40ce10b1728b498605c8f7e1ec66317d4033fb194a8b531cf59ee537957427fc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Tue, 11 Jan 2022 08:48:35 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/gif
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
49003
x-xss-protection
1;mode=block
x-request-id
e4a86b2bc3b2a0aa03fc0a05a4423e58
universal.js
tenmax-static.cacafly.net/ssp/ 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tenmax-static.cacafly.net/ssp/universal.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e14a47af6697d522e9da6e3a944ae8503d38e81abdaf2c0e245aa4f54934aaaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Apr 2022 02:06:44 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
LnF7Tq18cPiljgzcn1Jiiw==
age
5120
x-ms-lease-status
unlocked
last-modified
Thu, 18 Nov 2021 05:59:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
3838d7ad-001e-0047-7541-dc3d9c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=1800
x-ms-version
2009-09-19
cf-ray
6fea52889a4701db-ZRH
s_1650003794438.jpg
times.hinet.net/news/cimages/maganum/20777/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/news/cimages/maganum/20777/s_1650003794438.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
fdbc6ac27038e4fb23172e3ccf494fd29b296254688c5c27ea35ff67579cca53
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Fri, 15 Apr 2022 07:03:07 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
58273
x-xss-protection
1;mode=block
x-request-id
2aad1922753c54614908cbb01dbe1ba0
jquery.mmenu.min.js
times.hinet.net/resources/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/jquery.mmenu.min.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
1fa4c3d86e2f4ce501d789f6230a225e49959ffd4ca6e0552d516d5f9f0ade5a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
content-encoding
br
last-modified
Tue, 30 Jun 2020 06:47:40 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
aa5a981fe3f8834d4e134b7b9a5cb760
page.js
times.hinet.net/resources/js/ 		593 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/page.js?20180525
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
716315cd5003af76ab26facc35af4fc97cdbd5b7995660f14d1ced4b5246d88d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
content-encoding
br
last-modified
Tue, 30 Jun 2020 06:47:40 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
50dd33f4c52e974e0a98e554c1d9bada
d2s.js
static.adsinstant.com/hinews/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsinstant.com/hinews/d2s.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-123.fra56.r.cloudfront.net
Software
nginx/1.10.3 /
Resource Hash
c5e2a8ed52b4f7c1706467a053a88aeebe816ae23217d87812d1709a71267a46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 19 Apr 2022 23:51:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Sep 2020 01:03:12 GMT
Server
nginx/1.10.3
Age
8285
ETag
W/"5f56d850-187f"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-C2
X-Amz-Cf-Id
d7CmPbu4GZzUFSYydBjAzmJgFbWFVDqrqzQZVC2GPMK1ctJys2kv_g==
sticky-kit.js
times.hinet.net/resources/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/sticky-kit.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
9082df375d326487e81a00c11e7b9c8b01ccc95423e066fa05e6d3239b335d8d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
content-encoding
br
last-modified
Tue, 30 Jun 2020 06:47:40 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
0e2db4d00fbc3148ca9cd86f430faaa5
stickymain.js
times.hinet.net/resources/js/ 		1 KB
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/stickymain.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
13ddd5194f5cfe75b4d9d0500831b1cc64aaac2a8ce2e10984e43533dc0ecc93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
content-encoding
br
last-modified
Tue, 30 Jun 2020 06:47:40 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
68520da44900e9f0b849739f1b66edee
sticky-init.js
times.hinet.net/resources/js/ 		313 B
478 B 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/sticky-init.js?20180525
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
c2c4d4ebf5dc7968063414e8cee5e6f78a4a72e5c65c96f43f8a6d073e646b12
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
content-encoding
br
last-modified
Tue, 30 Jun 2020 06:47:40 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
5b8e6380f5a6aa2cf9f42ff4f86506d5
loader.js
cdn.taboola.com/libtrc/salesfrontier-hinet/ 		174 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/salesfrontier-hinet/loader.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2f4cdc3c7d29ec8d2711719ea703c92f8af2c2411632991983c2012768a9d0c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
U4FSrcxrPL.C2TE6ypN95.tKoZbX9HkY
content-encoding
gzip
age
0
via
1.1 varnish
x-cache
MISS
x-from-cache
1
x-envoy-upstream-service-time
5
content-length
24735
x-amz-id-2
IkIjOxqRZYqRThIdMZmXdu6I3GenrAtXPNeSLIAThWQB7s+bBL5OeixH259Ui8GgSbQbYviZOts=
x-served-by
cache-cdg20773-CDG
last-modified
Wed, 20 Apr 2022 02:06:44 UTC
server
nginx
x-timer
S1650420405.561348,VS0,VE38
etag
"cebcd29500d66aabb7942afb431e69bedbfd52f9"
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
F90Y2FC69EH7DGKP
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
date
Wed, 20 Apr 2022 02:06:44 GMT
abp
7
x-cache-hits
0
sdk.js
connect.facebook.net/zh_TW/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/sdk.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
afcf9e30f7373c24cd5f165be53de5b59cdf9c8696a15771e6f8ad677d599a57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
GJUJat9kRdBWPKximOouaA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
6YCkDrT0NFAxfXpWPF1thle0Elu3A0SuYL+vSl9Gmwg9l+3+VYz4LogXD3EgxGzy2YDWCn3n4oZItXiNP4jizw==
x-fb-trip-id
917726464
x-fb-content-md5
a41ecd4f0d8167522b46f98df5c7356b
x-frame-options
DENY
date
Wed, 20 Apr 2022 02:06:44 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"f96d99ce5252f36c44e86f22a4dc096c"
timing-allow-origin
*
expires
Wed, 20 Apr 2022 02:09:35 GMT
allbg.jpg
times.hinet.net/resources/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/allbg.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
812e7916a940bbb32e8cdb65f1f3b186844b2c94dfc37d4ed72bdf4bef455cc3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Fri, 23 Jul 2021 03:53:10 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
7607
x-xss-protection
1;mode=block
x-request-id
4d54fee6624c909b7b2ecc387c74c905
logo.jpg
times.hinet.net/resources/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/logo.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
55172cf998222254b48642cc653c0333c6c9d69a8a69ea9141f193a477a8447a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
12062
x-xss-protection
1;mode=block
x-request-id
952cfc09f60842b85b8ad831549090b1
btn_search.png
times.hinet.net/resources/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/btn_search.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
5f3d6bdc9e2abd036311e3c2d71bc9b8c305b28996a4dfe27a4f59c1895492d2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1350
x-xss-protection
1;mode=block
x-request-id
707113798e5a42487b8ed40891757436
btn_fb.png
times.hinet.net/resources/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/btn_fb.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
b4698e4108a364a339ae3aecb146c246cf9a3b83fd23fd93717eaf8f122508ac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
2697
x-xss-protection
1;mode=block
x-request-id
da38c7767936377b071f92cbad513d15
btn_setting.png
times.hinet.net/resources/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/btn_setting.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
c0a898a2dcfa5fef330cc475218837d18afd1925818fcb0f04e552b37e0195c8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
3052
x-xss-protection
1;mode=block
x-request-id
63b1a0ddf75321f7be76cc3099c38e82
ico_01.png
times.hinet.net/resources/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/ico_01.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
9848e1900be6fb5365aa67f8f7df1f0aff3c354c97ee22628c7d1808154de6ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1348
x-xss-protection
1;mode=block
x-request-id
64bc51cc7809d824f5a787daa9498c11
ico_03.png
times.hinet.net/resources/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/ico_03.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
69ec8663bf1831d5340d5296a087de1d08e134ff2c018136a5050f9a5022e4bb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1415
x-xss-protection
1;mode=block
x-request-id
7f016bbd3a95eadf7fad4e8bc5b54d54
sdk.js
connect.facebook.net/zh_TW/ 		284 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/sdk.js?hash=ff9511b951092b32a7b7cf94a85fb3f5
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e79e3b02f9a151553428c71d328e7a39c3c2109386b2f3beb01b1ac9ca5db752
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://times.hinet.net/
Origin
https://times.hinet.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
XIRnfWnKkBiyahxPs4vaHQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Thu, 20 Apr 2023 00:28:49 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
83040
x-fb-rlafr
0
x-fb-debug
z0LE/ISEoaPs8sHTUkyP0ZZCN9gMh/KQV3I1vn6HfFGhUo1NF3WlzUo2+tbJBxLPSO5gJT1t16+NVa3JqWOTpg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
296c68c7f2926f1fe301895a67e0d36b
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 20 Apr 2022 02:06:44 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"367beb6e360439e7fafcc31a4fa8c4dd"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
impl.20220417-11_b2-PR-43648-DEV-109130-add-taboola-push-api-to-force-trc_-params-into-json-call-104bbd149d4-SNAPSHOT.js
cdn.taboola.com/libtrc/ 		625 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220417-11_b2-PR-43648-DEV-109130-add-taboola-push-api-to-force-trc_-params-into-json-call-104bbd149d4-SNAPSHOT.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/salesfrontier-hinet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e86cf6e2cedfccd5ec9b14e8adbb21a6320981eac58ef8155fd39d24a0f814d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
sOMZx3dPSGOeyHADaClvbInJRZGs8JXM
content-encoding
br
etag
"251e8955da8c750ea26a672ed50b0e24"
age
7323
x-cache
HIT
content-length
132430
x-amz-id-2
7Ren0egnywoCH8LgSlvPA+oyehrKeJ1cljUuzjAH5Ab+pMsakbLbFUj9EP2yk3eQDQkTJ3DRsnU=
x-served-by
cache-cdg20773-CDG
last-modified
Sun, 17 Apr 2022 15:45:35 GMT
server
AmazonS3-br
x-timer
S1650420405.646666,VS0,VE0
date
Wed, 20 Apr 2022 02:06:44 GMT
vary
Accept-Encoding
x-amz-request-id
NB47418HYKW55FSY
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
37
x-cache-hits
3
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/salesfrontier-hinet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-121.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 04:06:42 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
79203
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b17dca9c320b96e12b996848d121ffe4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
2McokhfAc65-ucKzqqaDj854etyDG7j5Edogz_3IzguU8-Z932pIuw==
tr5
cdn.taboola.com/libtrc/ 		3 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=forced-qp-6_var1
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1650420405.647225,VS0,VE0
x-served-by
cache-cdg20773-CDG
x-cache
HIT
content-type
text/html
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1650420404000&ns_c=UTF-8&cv=3.5&c8=%E6%97%A5%E5%9C%93%E5%8C%AF%E7%8E%87%E5%A4%A7%E8%B7%B3%E6%B0%B4%E9%A9%9A%E8%A6%8B0.2315%E5%85%83%20...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1650420404000&ns_c=UTF-8&cv=3.5&c8=%E6%97%A5%E5%9C%93%E5%8C%AF%E7%8E%87%E5%A4%A7%E8%B7%B3%E6%B0%B4%E9%A9%9A%E8%A6%8B0.2315%E5%85%83%2...
0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1650420404000&ns_c=UTF-8&cv=3.5&c8=%E6%97%A5%E5%9C%93%E5%8C%AF%E7%8E%87%E5%A4%A7%E8%B7%B3%E6%B0%B4%E9%A9%9A%E8%A6%8B0.2315%E5%85%83%20%E5%86%8D%E6%8E%A2%E8%BF%9125%E5%B9%B4%E6%96%B0%E4%BD%8E-%E8%B2%A1%E7%B6%93-HiNet%E7%94%9F%E6%B4%BB%E8%AA%8C&c7=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&c9=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Server
108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-121.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:44 GMT
via
1.1 b17dca9c320b96e12b996848d121ffe4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
cuJvuhhSnHKcquuZorLjOF0toKICLWQw6Piv8mBVcTWKeK2OAhj3mA==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=7&c2=34354936&c3=1&ns__t=1650420404000&ns_c=UTF-8&cv=3.5&c8=%E6%97%A5%E5%9C%93%E5%8C%AF%E7%8E%87%E5%A4%A7%E8%B7%B3%E6%B0%B4%E9%A9%9A%E8%A6%8B0.2315%E5%85%83%20%E5%86%8D%E6%8E%A2%E8%BF%9125%E5%B9%B4%E6%96%B0%E4%BD%8E-%E8%B2%A1%E7%B6%93-HiNet%E7%94%9F%E6%B4%BB%E8%AA%8C&c7=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&c9=
date
Wed, 20 Apr 2022 02:06:44 GMT
via
1.1 b17dca9c320b96e12b996848d121ffe4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
content-length
0
x-amz-cf-id
jozGEgAeuadMlp9Ez0FUvaKfH-GxpvbjJ-2J0UBdyP1rvUHLUkO1fg==
x-cache
Miss from cloudfront
/
t.ssp.hinet.net/ 		37 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
5d3193d2016bffa3b0f4db8009599cd0531b2bd70eb65bcaeca6e9b8417efa31
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:45 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
emome2
t.ssp.hinet.net/ 		30 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=645f1f83-8da9-451c-b42f-b9f76357727e
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:45 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
645f1f83-8da9-451c-b42f-b9f76357727e.t.ssp.hinet.net/ 		0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://645f1f83-8da9-451c-b42f-b9f76357727e.t.ssp.hinet.net/pixel?bd=645f1f83-8da9-451c-b42f-b9f76357727e&t=f2b798
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:47 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
json
ssp.hinet.net/api/web/request/ 		17 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017003&s=201703000011&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&ad=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&t=1650420406374&oi=qcXQP&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017003%26s%3D201703000011%26u%3D7536927f-270b-7ca0-ddf6-9ac9caf6ad67%26ad%3D7536927f-270b-7ca0-ddf6-9ac9caf6ad67%26t%3D1650420406374%26oi%3DqcXQP%26site%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F23869533&o=5Lfnr
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e091e49dfd6df3afa2eadfb799c8703d4de4181707813348004d335bccf5f0a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Wed, 20 Apr 2022 02:06:48 GMT
access-control-allow-credentials
true
server
nginx
content-length
17
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
json
ssp.hinet.net/api/web/request/ 		581 B
753 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017034&s=201702000074&callback=jQuery36005594656905142978_1650420403624&_=1650420403625
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/js/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
16efeb0515fc43c77483b067a3eff94b07162153babc768c83871a79fc25343f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Wed, 20 Apr 2022 02:06:48 GMT
access-control-allow-credentials
true
server
nginx
content-length
581
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
ppnif.html
player.svc.litv.tv/v3/ Frame 2197 		933 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4867d78d8cf2d27090f436525403b30019c5b9c6808f8c070e9aefd14d0de94c

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
64103
content-length
933
content-type
text/html
date
Tue, 19 Apr 2022 08:18:26 GMT
etag
"caf8fef87489e046b536046382e0765f"
last-modified
Tue, 19 Apr 2022 08:14:12 GMT
server
AmazonS3
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-id
FJMmjYlvzbopWyQhcX4vOmToXo3cFb-n5-h6JCEvwFjESmqa-92B0A==
x-amz-cf-pop
FRA50-C1
x-amz-version-id
jOva7_UtmB_uvFYBZcGaaNa3gi8yztzf
x-cache
Hit from cloudfront
icon_receipt.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_receipt.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
985da98fe4a246bd70fb6491c0c1624ee92d2dd32e67e14c12669ad2f0c4b1ea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:48 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1597
x-xss-protection
1;mode=block
x-request-id
e7e92cc9ef08700c483008e918f9317b
icon_lottery.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_lottery.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
b909b819de73b529dfc23d1223be82163e1a034c44ee8ae31598b0d20bce3d34
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:48 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
2081
x-xss-protection
1;mode=block
x-request-id
c1bd6fed3257bb521c1fb691503cc134
json
ssp.hinet.net/api/web/request/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017003&s=201707000014&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&ad=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&t=1650420407582&oi=QEYCr&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017003%26s%3D201707000014%26u%3D7536927f-270b-7ca0-ddf6-9ac9caf6ad67%26ad%3D7536927f-270b-7ca0-ddf6-9ac9caf6ad67%26t%3D1650420407582%26oi%3DQEYCr%26site%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F23869533&o=2GvpC
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
1c6b468ac76d805e0409bb3de88f5f26c3bd79bb5563b2b037db6e324190bd9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Wed, 20 Apr 2022 02:06:48 GMT
access-control-allow-credentials
true
server
nginx
content-length
1144
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
icon_small.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_small.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
8aeb2aacc69370ca7485addf948ff95becd05d389274aea6c079c1c6f2f27cc0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:48 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1645
x-xss-protection
1;mode=block
x-request-id
60d1b13b271bdf8edc63ef2130ab0012
icon_middle.png
times.hinet.net/resources/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_middle.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
18044d775a7745700d2a79e4063b68780c6e663f7761b1c774d95bde64db974c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:48 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1423
x-xss-protection
1;mode=block
x-request-id
7c933b29b42f1010207121996e0e6e5b
icon_big.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_big.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
4506fb221c1dd5f5f33bee1421a19d4eaf99d878ef193e9675e907999b700c27
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:48 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1708
x-xss-protection
1;mode=block
x-request-id
6e5a6eac0bba232ac1a504933764ee85
icon_line.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_line.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
627fabb28705f9298120ad164d77d20a9d97a55bc63ac90c95fd674e1afc2632
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:48 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
2180
x-xss-protection
1;mode=block
x-request-id
5b53a15d9511e093035d788d4f9fcbc6
icon_fb.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_fb.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
71a64d82ed79d6c4c8cb1c52e11a4e233ae803e37d4331e4ffcceb99b876f791
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:48 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1766
x-xss-protection
1;mode=block
x-request-id
0606ad081368339e7dd0daf3fed2998c
icon_mail.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_mail.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
4f6783d500427e61a892209ffccb262f379dbb23714af8a615739306f7bebc0e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:48 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1928
x-xss-protection
1;mode=block
x-request-id
230c32a8e67126f133af5e679b0591c7
bg_dot.png
times.hinet.net/resources/images/ 		986 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/bg_dot.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
a8c9fe1107e3ee74a4a0d5963058746169fdf14b5d4138ddc13de1ed16475ea9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:48 GMT
last-modified
Fri, 23 Jul 2021 05:32:18 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
986
x-xss-protection
1;mode=block
x-request-id
8ea3a8a6b33d39c24024c2693e9e35ea
request
ssp.hinet.net/api/web/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request?c=2017003&s=201707000014&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&ad=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&t=1650420407582&oi=sCPuA&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&o=4mv24
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
f1e9d37f24abac22ea63095fc250b5b63f6ed616b8f0f0ad55ac889412ca1da9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:48 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
jquery-1.9.1.min.js
code.jquery.com/ Frame 44C2 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.9.1.min.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
https://times.hinet.net/
Origin
https://times.hinet.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-169d5"
vary
Accept-Encoding
x-hw
1650420409.dop135.fr8.t,1650420409.cds281.fr8.hn,1650420409.cds250.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
32772
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 44C2 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
ac6d3c738a0ab220763e2d2c81411308d026b7f909f747d2a2ad0cee98c18765
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28508
x-xss-protection
0
server
sffe
etag
"1191 / 5 of 1000 / last-modified: 1650405960"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Apr 2022 02:06:48 GMT
third
ssp.hinet.net/api/web/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.hinet.net/api/web/third?c=2017003&s=201707000014&th=29&wc=3179
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
a_prev.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/a_prev.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
6c387c7d90607aef5af34bd725ea7e2231e00575b3fef63e9edfdabd4d2c1a9c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:48 GMT
last-modified
Fri, 23 Jul 2021 03:53:10 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1904
x-xss-protection
1;mode=block
x-request-id
d89078ad1f1abf12b748bd4c3cdaa1eb
a_next.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/a_next.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
d63a0e4ea320c3674d77dc2b87ab23aad3d4807b32aca18314c6c1c713cdb42b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:48 GMT
last-modified
Fri, 23 Jul 2021 03:53:10 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1931
x-xss-protection
1;mode=block
x-request-id
26837215c1ebc436133b3609d0c8227c
recommend_l.jpg
times.hinet.net/resources/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/recommend_l.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
9bb22fb29d4dee597bd42cbd2b3bc41d351836d9b7409730da060174ce3b2e50
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:48 GMT
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
14359
x-xss-protection
1;mode=block
x-request-id
abcd70eb6398a4c6255eee72ef66ba20
icon_redDot.jpg
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_redDot.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
a3da22a435976dbc1aa933bb0a870f2dd410c95ab9d4f4284ea0188eca61316b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:48 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1124
x-xss-protection
1;mode=block
x-request-id
a1f67331b51e5956f89dd8b86b560fda
pubads_impl_2022041801.js
securepubads.g.doubleclick.net/gpt/ 		362 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067166
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:56:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40217
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125970
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 19 Apr 2023 14:56:31 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		713 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ee7732b082509d32f714f6dfdcbcd15fb111e537becf0150837a6da3b7866af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:06:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Wed, 20 Apr 2022 02:06:48 GMT
main
trip.hinet.net/search-widget/widget/uwl/ 		126 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/main?cc=tw&lc=zh&_=j966a&theme=default
Requested by
Host: trip.hinet.net
URL: https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
2aeb4f08312d234c1900b53833468b03c5306309159fc7ad8e35b069b65e258f

Request headers

Referer
https://times.hinet.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
br
server
KAYAK/1.0
age
32748
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-language
zh-TW
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-store, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/json;charset=UTF-8
access-control-allow-headers
origin, X-Requested-With, Content-Type
content-length
31167
auto-complete
trip.hinet.net/search-widget/widget/uwl/ 		59 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/auto-complete?cc=tw&lc=zh&_=j966a
Requested by
Host: trip.hinet.net
URL: https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
fbdf023f760d390a0ab0d5e9cf9f91c2e50fb6b442cf81f87ea7cdbf911a9cf9

Request headers

Referer
https://times.hinet.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
br
server
KAYAK/1.0
age
32748
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-language
zh-TW
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-store, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/json;charset=UTF-8
access-control-allow-headers
origin, X-Requested-With, Content-Type
content-length
20621
date-picker
trip.hinet.net/search-widget/widget/uwl/ 		129 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/date-picker?cc=tw&lc=zh&_=j966a
Requested by
Host: trip.hinet.net
URL: https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
cb1627c5539eedb7a07bf3bcd0ff6030a264c954c3ce63b94520b77fbcadea41

Request headers

Referer
https://times.hinet.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
br
server
KAYAK/1.0
age
32748
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-language
zh-TW
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-store, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/json;charset=UTF-8
access-control-allow-headers
origin, X-Requested-With, Content-Type
content-length
37791
modal-error
trip.hinet.net/search-widget/widget/uwl/ 		15 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/modal-error?cc=tw&lc=zh&_=j966a
Requested by
Host: trip.hinet.net
URL: https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
9d209966935ea7907d4e2c9be264e8f869dbb3d124b2a947446a17e1a9be3b8d

Request headers

Referer
https://times.hinet.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
br
server
KAYAK/1.0
age
32749
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-language
zh-TW
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-store, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/json;charset=UTF-8
access-control-allow-headers
origin, X-Requested-With, Content-Type
content-length
4813
hotel-travelers
trip.hinet.net/search-widget/widget/uwl/ 		79 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/hotel-travelers?cc=tw&lc=zh&_=j966a
Requested by
Host: trip.hinet.net
URL: https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
f53b360e6c7462268934f7f22b3b0f631598933845cb065a9c13a450ca6e9587

Request headers

Referer
https://times.hinet.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Wed, 20 Apr 2022 02:06:48 GMT
content-encoding
br
server
KAYAK/1.0
age
32749
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-language
zh-TW
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-store, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/json;charset=UTF-8
access-control-allow-headers
origin, X-Requested-With, Content-Type
content-length
8456
json
trc.taboola.com/salesfrontier-hinet/trc/3/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/salesfrontier-hinet/trc/3/json?tim=02%3A06%3A48.278&lti=forced-qp-6_var1&data=%7B%22id%22%3A258%2C%22ii%22%3A%22%2Fnews%2F23869533%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1650366243960%2C%22vi%22%3A1650420408260%2C%22cv%22%3A%2220220417-11_b2-PR-43648-DEV-109130-add-taboola-push-api-to-force-trc_-params-into-json-call-104bbd149d4-SNAPSHOT%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22pev%22%3A7340%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533%22%2C%22vpi%22%3A%22%2Fnews%2F23869533%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2731%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-stream%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A0%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22alternating-thumbnails-widget%3Aabp%3D0%22%2C%22uip%22%3A%22Above%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Above%20Article%20Thumbnails%22%2C%22cd%22%3A162%2C%22mw%22%3A700%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fnews%2F23869533%2CAbove%20Article%20Thumbnails%3Dalternating-thumbnails-widget%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-stream%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22forced-qp-6_var1%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220417-11_b2-PR-43648-DEV-109130-add-taboola-push-api-to-force-trc_-params-into-json-call-104bbd149d4-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f331cfd15bd3aa18711ba2d91f27fc3f7e6f4ee28079b76c9529f4e77f11ba92

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
205
date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
gzip
server
nginx
x-timer
S1650420409.965505,VS0,VE205
x-served-by
cache-cdg20773-CDG
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
icon_liDot_m.png
times.hinet.net/resources/images/ 		979 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_liDot_m.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
14c8862a2d9916b08fb2ffeee08896c7819db0b22bcdd613c9cad2afdf182ac8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
979
x-xss-protection
1;mode=block
x-request-id
bcd4f1259c9f3891eefa9273d02d44c0
getExtendNews
times.hinet.net/ 		27 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/getExtendNews?id=23869533
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/js/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
793cd4d02321ea3f8e40460f815bbd287768a4b72f1b37ca2822627258420b51
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://times.hinet.net/news/23869533
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
br
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
MISS, EXPIRED
content-type
application/json;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
006dc96854e88cf8abc0d17251118466
btn_next.png
times.hinet.net/resources/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/btn_next.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
618d3c3e4761a7573bc98ec4e4620b3ec7464e9a2022bc2f7dfb4ae1943c3025
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
3970
x-xss-protection
1;mode=block
x-request-id
6375e8073b8452ba877e02214052dce8
json
ssp.hinet.net/api/web/request/ 		577 B
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017034&s=201702000027&callback=jQuery36005594656905142978_1650420403624&_=1650420403626
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/js/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
21bb013c1cffa21155688a9f72600dc272b05defbe63c3a27bf69e186ddf2952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Wed, 20 Apr 2022 02:06:49 GMT
access-control-allow-credentials
true
server
nginx
content-length
577
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
hinet_times.js
api.popin.cc/searchbox/ 		125 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/searchbox/hinet_times.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
2fbca0fca49045bdc0fd14f342e0a280b8f680e2a51a0a166c2af8ae1aaa5f25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:06:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Apr 2022 10:26:23 GMT
Server
nginx
ETag
W/"3d49b80c59b8435f8a06052160307189"
X-Cache-Status
HIT from 10.252.55.25
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-amz-version-id
Hg636Hk.TGe7l1rdJUs1C.pc8gpVBOwo
Expires
Wed, 20 Apr 2022 03:06:50 GMT
mobile_iframe.html
www.hinet.net/tv/ Frame B573 		0
0
flight-trip-status
trip.hinet.net/search-widget/widget/uwl/ 		22 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/flight-trip-status?cc=tw&lc=zh&_=j966a
Requested by
Host: trip.hinet.net
URL: https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
f88f92ccab51377b340c97083ca13980b2e2291e8cbba1b1780c21411305fdf7

Request headers

Referer
https://times.hinet.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
br
server
KAYAK/1.0
age
32748
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-language
zh-TW
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-store, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/json;charset=UTF-8
access-control-allow-headers
origin, X-Requested-With, Content-Type
content-length
7639
flight-travelers
trip.hinet.net/search-widget/widget/uwl/ 		28 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/flight-travelers?cc=tw&lc=zh&_=j966a
Requested by
Host: trip.hinet.net
URL: https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
730673dffc744e8acb140735d7ba1e9064f6409a6e64de1f1eaf1ab08e26fd51

Request headers

Referer
https://times.hinet.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
br
server
KAYAK/1.0
age
32748
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-language
zh-TW
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-store, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/json;charset=UTF-8
access-control-allow-headers
origin, X-Requested-With, Content-Type
content-length
8480
car-trip-status
trip.hinet.net/search-widget/widget/uwl/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/car-trip-status?cc=tw&lc=zh&_=j966a
Requested by
Host: trip.hinet.net
URL: https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
cd675831f2e17631831dcf700a43a75d611aaf7ce31c4fae583eb191b2ab476d

Request headers

Referer
https://times.hinet.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
br
server
KAYAK/1.0
age
32748
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-language
zh-TW
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-store, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/json;charset=UTF-8
access-control-allow-headers
origin, X-Requested-With, Content-Type
content-length
4249
weather2.png
times.hinet.net/resources/images/weather_icon/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/weather_icon/weather2.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
b639864f07aa4711dd44dd5a09e5fa230d0d3f82465dfdc2b875a3380c301283
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
last-modified
Fri, 23 Jul 2021 03:53:16 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
2528
x-xss-protection
1;mode=block
x-request-id
1b0468e175afa5fb2d0817e83b34464d
icon_weather_arrow.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_weather_arrow.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
4917a38e1d58f7b36fe882f03446589c36f40ebd329cfc54c5637bfed9f9824d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1043
x-xss-protection
1;mode=block
x-request-id
9d15efecb5dc796765028debd6f4941b
index.html
times.hinet.net/hinetlife2/ Frame 5B0B 		545 B
518 B 		Document
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/hinetlife2/index.html
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
95abe5b1e4ce00e56c1c7d08820eb0eaf6eb888d6551905af5dfbcec42a4e835
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://times.hinet.net/news/23869533
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Wed, 20 Apr 2022 02:06:49 GMT
last-modified
Fri, 20 Dec 2019 06:40:06 GMT
server
HiNetCDN/2203
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-cache
HIT
x-frame-options
SAMEORIGIN
x-request-id
947a8144af59c9154b8f23dbee0c9d13
x-xss-protection
1;mode=block
h3_top10.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/h3_top10.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
42215ceadd2b46b0b790c33d8cf26125384152dd3fd1a1b5917a5f6d5e8cc006
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
2055
x-xss-protection
1;mode=block
x-request-id
8bf847b80549465dda428906b82e13de
top10_ar.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_ar.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
86138d6b9f293675aa721961d190c5bfbf1755a9d945b5d6a74a69378ae41fbe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1115
x-xss-protection
1;mode=block
x-request-id
3592fc25377fddbf085e2592736a4ae9
btn_more_org.png
times.hinet.net/resources/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/btn_more_org.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
9ed7c9b6e38e405c40e249161c718e2d2d6baf5889c95d17723f86787641ed1f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
3769
x-xss-protection
1;mode=block
x-request-id
5ff21903117a081afd8fcbf873574dfa
pixel
645f1f83-8da9-451c-b42f-b9f76357727e.t.ssp.hinet.net/ 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://645f1f83-8da9-451c-b42f-b9f76357727e.t.ssp.hinet.net/pixel?bd=645f1f83-8da9-451c-b42f-b9f76357727e&t=hinet
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
icon_liDot_issue_s.png
times.hinet.net/resources/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_liDot_issue_s.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
1cc9e5b9a038b56587837431eaed3a222f9c696f9dff5c44beabb8ccc5e3c4f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
2837
x-xss-protection
1;mode=block
x-request-id
fd55031a49b79f82fb80fb9baaaf49f6
h3_magazine_r.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/h3_magazine_r.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
b898198e3cd6d595d2917c53da74a6136c43f6b3e4b5dd46cc6e0cd743ba9676
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1622
x-xss-protection
1;mode=block
x-request-id
9f46f84da04e83d35fdbdf64ba512c10
btn_more.png
times.hinet.net/resources/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/btn_more.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
a3d666d61ba0b00cc6b56203773cfd9be034540c7d98bfb32031f21a8d0489fe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
3793
x-xss-protection
1;mode=block
x-request-id
4013c74d13c8fd1f69c4ee713f062165
icon_liDot_s.png
times.hinet.net/resources/images/ 		966 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_liDot_s.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
a9a71eaef4525955e005478a8545b54fd4429564e1ecd9f4d943c93ea21a8d87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
966
x-xss-protection
1;mode=block
x-request-id
6c2674486da75d74d049e5d76bb7a8d4
b734323b-0532-40a6-8d4e-782e1c96bd3a
dmp.tenmax.io/p/ 		43 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=147968869
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.34.51 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:06:51 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
plan
ssp.tenmax.io/supply/v3/universal/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.tenmax.io/supply/v3/universal/plan?rmaxSpaceId=2f0bd42ae1064b18&referer=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&cacheBuster=90cb29af-b011-4c94-9e6a-f9532d998b71
Requested by
Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/universal.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
ef7f142c85d97b51ac659f22af22d7924daf00d553dadeeb2807a23c5cb48a94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:06:52 GMT
Server
nginx
Vary
Origin
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
https://times.hinet.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
5968
X-Application-Context
application:prod,aggregator,build-ext:58070
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6578
date
Wed, 20 Apr 2022 00:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 20 Apr 2022 02:17:11 GMT
main
trip.hinet.net/search-widget/widget/uwl/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/main?cc=tw&lc=zh&_=j966a&theme=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
GET
Origin
https://times.hinet.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://times.hinet.net
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Wed, 20 Apr 2022 02:06:48 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=(), interest-cohort=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-xss-protection
1; mode=block
auto-complete
trip.hinet.net/search-widget/widget/uwl/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/auto-complete?cc=tw&lc=zh&_=j966a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
GET
Origin
https://times.hinet.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://times.hinet.net
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Wed, 20 Apr 2022 02:06:49 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=(), interest-cohort=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-xss-protection
1; mode=block
date-picker
trip.hinet.net/search-widget/widget/uwl/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/date-picker?cc=tw&lc=zh&_=j966a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
GET
Origin
https://times.hinet.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://times.hinet.net
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Wed, 20 Apr 2022 02:06:49 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=(), interest-cohort=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-xss-protection
1; mode=block
modal-error
trip.hinet.net/search-widget/widget/uwl/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/modal-error?cc=tw&lc=zh&_=j966a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
GET
Origin
https://times.hinet.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://times.hinet.net
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Wed, 20 Apr 2022 02:06:49 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=(), interest-cohort=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-xss-protection
1; mode=block
hotel-travelers
trip.hinet.net/search-widget/widget/uwl/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/hotel-travelers?cc=tw&lc=zh&_=j966a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
GET
Origin
https://times.hinet.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://times.hinet.net
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Wed, 20 Apr 2022 02:06:48 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=(), interest-cohort=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-xss-protection
1; mode=block
flight-trip-status
trip.hinet.net/search-widget/widget/uwl/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/flight-trip-status?cc=tw&lc=zh&_=j966a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
GET
Origin
https://times.hinet.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://times.hinet.net
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Wed, 20 Apr 2022 02:06:49 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=(), interest-cohort=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-xss-protection
1; mode=block
flight-travelers
trip.hinet.net/search-widget/widget/uwl/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/flight-travelers?cc=tw&lc=zh&_=j966a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
GET
Origin
https://times.hinet.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://times.hinet.net
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Wed, 20 Apr 2022 02:06:49 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=(), interest-cohort=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-xss-protection
1; mode=block
car-trip-status
trip.hinet.net/search-widget/widget/uwl/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/car-trip-status?cc=tw&lc=zh&_=j966a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
GET
Origin
https://times.hinet.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://times.hinet.net
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Wed, 20 Apr 2022 02:06:49 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=(), interest-cohort=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-xss-protection
1; mode=block
color.jpg
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/color.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
5d46b5a818894adfb303f61890f3d0ed390e464e9c69b4da41dd31875fd4b12d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1127
x-xss-protection
1;mode=block
x-request-id
5e6f9f8dfdd97f947f1d1f0f7ce7c831
browser.jpg
times.hinet.net/resources/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/browser.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
75477f3949958becc4b03ff08e32ce45672db6409b821184fef888f2a61fbd51
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
8852
x-xss-protection
1;mode=block
x-request-id
f86ad66a444359d8e68b1a92901b1e4d
website.jpg
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/website.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
0985fc9e6c924f671da4352346a551e7171d01be5c16aea4a2e9f966edc985f1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
1952
x-xss-protection
1;mode=block
x-request-id
d27706bb1ec1e91ec55e9622fb18f78f
btn_top.png
times.hinet.net/resources/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/btn_top.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
e6cafced5a19ae0e443dd2dac21a3934510f461c645cbd171c28a35b776e8ba7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
2669
x-xss-protection
1;mode=block
x-request-id
cabd49098faa3d0d0f2a7d627f245650
ppnio.js
player.svc.litv.tv/v3/ Frame 2197 		766 KB
207 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/v3/ppnio.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab65663d91d2b24d60789f9520742dff66ef06afa1477dea67aa172acb6c840a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 08:15:05 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 08:14:12 GMT
server
AmazonS3
age
64305
etag
W/"39a961642da55113a1c67d710cf5c9cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
C3A4E0wz8yguNa4IKSMi5GsdOFlveU0z
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
m2xpOb1hAo7eouszjpcIYQDDyCw63vRbkCDMep8xKsfSxs70pxGR6g==
pc-finance
vatrack.hinet.net/00000107/ 		43 B
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vatrack.hinet.net/00000107/pc-finance?id=23869533&va-title=%E6%97%A5%E5%9C%93%E5%8C%AF%E7%8E%87%E5%A4%A7%E8%B7%B3%E6%B0%B4%E9%A9%9A%E8%A6%8B0.2315%E5%85%83%20%E5%86%8D%E6%8E%A2%E8%BF%9125%E5%B9%B4%E6%96%B0%E4%BD%8E-%E8%B2%A1%E7%B6%93-HiNet%E7%94%9F%E6%B4%BB%E8%AA%8C&va-ch=en-us&va-res=1600x1200&va-rid=26251&va-os=linux%20x86_64&va-dtid=1650420408426
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.39.224.124 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
vatrack.hinet.net
Software
nginx / PHP/7.0.33
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

ua
Chrome/100
p4
va_rid
26251
time
1650420409
t2
-
X-Powered-By
PHP/7.0.33
va_dtid
1650420408426
t3
-
Connection
close
p5
va_res
1600x1200
pmobile
Pragma
no-cache
va_os
linux x86_64
param
?id=23869533
uri
/00000107/pc-finance
psn
va_title
日圓匯率大跳水驚見0.2315元 再探近25年新低-財經-HiNet生活誌
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
pattach_number
pmd
p3
phn
Date
Wed, 20 Apr 2022 02:06:49 GMT
ptel
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
t4
322212046
va_attr
-
va_ref
-
p2
t1
-
va_ch
en-us
Server
nginx
Expires
Sat, 26 Jul 1997 05:00:00 GMT
p1
id=23869533
track
553077064
ip
193.27.14.10
i
/
www.facebook.com/login/ Frame 590C
Redirect Chain
  • https://www.facebook.com/v2.3/plugins/page.php?app_id=169777559824026&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1082f00ca935f8%26domain%3Dtime...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D169777559824026%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_ar...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D169777559824026%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1082f00ca935f8%2526domain%253Dtimes.hinet.net%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftimes.hinet.net%25252Ff2f5818eb53b738%2526relation%253Dparent.parent%26container_width%3D300%26height%3D500%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FHiNetnews%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26width%3D300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=ff9511b951092b32a7b7cf94a85fb3f5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Wed, 20 Apr 2022 02:06:49 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
z0PM2ajUs6iC1/z3+YIW9Lw1SjY1k8VaAt9GZE0KeNmy9SRrzlhhb4zs2DLX/gX8UmpL87ck7dFOknWZWRoohA==
x-fb-rlafr
0
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Wed, 20 Apr 2022 02:06:49 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v6.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D169777559824026%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1082f00ca935f8%2526domain%253Dtimes.hinet.net%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftimes.hinet.net%25252Ff2f5818eb53b738%2526relation%253Dparent.parent%26container_width%3D300%26height%3D500%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FHiNetnews%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26width%3D300
pragma
no-cache
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
QHOXmQ4bJud4oc9E8RGLU6TpOUYccvigb2XUfBSv00Zt3BAemhTuX1UVBaq6gbz4YKnwfJom1O6zwBxU3ASjbA==
x-fb-rlafr
0
x-xss-protection
0
mobile_iframe.html
www.hinet.net/tv/ Frame 0DBE 		59 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hinet.net/tv/mobile_iframe.html
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/js/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
96dd30d1fffaef24f809000fb54513757729e166b1ad03eac4978633a6869d08
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
br
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
content-type
text/html; charset=UTF-8
date
Wed, 20 Apr 2022 02:06:51 GMT
last-modified
Wed, 20 Apr 2022 01:59:13 GMT
server
HiNetCDN/2203
strict-transport-security
max-age=31536000;includeSubdomains;preload
vary
Accept-Encoding Accept-Encoding,User-Agent
x-cache
HIT
x-content-type-options
nonsniff
x-frame-options
ALLOW-FROM https://times.hinet.net
x-request-id
fe8d2c445134f2bf7120eaa0384d2601
x-xss-protection
1;mode=block
userx.20220417-11_b2-PR-43648-DEV-109130-add-taboola-push-api-to-force-trc_-params-into-json-call-104bbd149d4-SNAPSHOT.es6.js
cdn.taboola.com/libtrc/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220417-11_b2-PR-43648-DEV-109130-add-taboola-push-api-to-force-trc_-params-into-json-call-104bbd149d4-SNAPSHOT.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/salesfrontier-hinet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
583ec217f74d685ac9cd7284bc5acf475f4609573e3dc5aef37fb73a7a16c454

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
3SO6j_G0RcTqPF_psvmuCCCLvMSnghmg
content-encoding
gzip
etag
"4d3419ddc33e5494d686669f53d1ec94"
age
49
x-cache
HIT
x-amz-replication-status
FAILED
content-length
5470
x-amz-id-2
EQ8LTht9VEPOSMLbYn+6yg6y3rfYACtysFnYTSkIsUp+ef4ygcbUh3nGH3u94r0Xf0zeAbJuN++9WnUeYGXM9Q==
x-served-by
cache-cdg20773-CDG
last-modified
Sun, 17 Apr 2022 15:46:35 GMT
server
AmazonS3
x-timer
S1650420409.397728,VS0,VE1
date
Wed, 20 Apr 2022 02:06:49 GMT
vary
Accept-Encoding
x-amz-request-id
FSWDN8RFZZ1Z3Q5V
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
37
x-cache-hits
1
json
trc.taboola.com/salesfrontier-hinet/trc/3/ 		31 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/salesfrontier-hinet/trc/3/json?tim=02%3A06%3A48.715&lti=forced-qp-6_var1&data=%7B%22id%22%3A934%2C%22ii%22%3A%22%2Fnews%2F23869533%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_594054c2b99949336d3278a4c6ecbcc2_9a7a5f33-2c25-4421-b606-fabc4a1ea171-tuct958f038_1650420408_1650420408_CNawjgYQzvZVGMS_46WEMCABKAEwODib4wlAiIoQSNCt2QNQouwQWABgAGiD2JXN5_L01rUBcAA%22%2C%22ui%22%3A%229a7a5f33-2c25-4421-b606-fabc4a1ea171-tuct958f038%22%2C%22uifp%22%3A%229a7a5f33-2c25-4421-b606-fabc4a1ea171-tuct958f038%22%2C%22lbt%22%3A1650366243960%2C%22vi%22%3A1650420408260%2C%22cv%22%3A%2220220417-11_b2-PR-43648-DEV-109130-add-taboola-push-api-to-force-trc_-params-into-json-call-104bbd149d4-SNAPSHOT%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22pev%22%3A7340%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533%22%2C%22vpi%22%3A%22%2Fnews%2F23869533%22%2C%22e%22%3A%22https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3920%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A3596.53125%2C%22mw%22%3A700%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fnews%2F23869533%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22forced-qp-6_var1%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220417-11_b2-PR-43648-DEV-109130-add-taboola-push-api-to-force-trc_-params-into-json-call-104bbd149d4-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
51cac33d2e0f55e9e968285435791695ba3259abdc434e99101c2bad7e70c46a

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
485
date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
gzip
server
nginx
x-timer
S1650420409.401636,VS0,VE485
x-served-by
cache-cdg20773-CDG
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
beacon.js
sb.scorecardresearch.com/ Frame 2197 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-121.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 04:06:42 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
79208
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b17dca9c320b96e12b996848d121ffe4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
jwtyNErddbu4VFTkZ7WtNyp1PsYasMp9XtK7URtQ9q38Z7uwWxY0MA==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 2197 		376 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2767df6736abef725fe8b1e39307f402dc27a7c8341f9354a8c1b883dcc563dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128424
x-xss-protection
0
expires
Wed, 20 Apr 2022 02:06:49 GMT
form-data
trip.hinet.net/search-widget/ 		472 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/form-data
Requested by
Host: trip.hinet.net
URL: https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
cf88a58d4d001935ce86f838a496c23ece1c026fbe9918cecfaeed715c75af81

Request headers

Referer
https://times.hinet.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
gzip
server
KAYAK/1.0
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-language
zh-TW
access-control-allow-origin
https://times.hinet.net
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/json;charset=UTF-8
content-length
310
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=173953894828614&correlator=4225266071473744&eid=31067166%2C31067150%2C31062930%2C44755509&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&iu_parts=33575001%2Ctimespcintext&enc_prev_ius=%2F0%2F1&prev_iu_szs=580x400&ifi=1&adks=1057707594&sfv=1-0-38&ecs=20220420&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650420408859&lmt=1650420408&dlt=1650420403187&idt=5632&biw=1600&bih=1200&adxs=350&adys=833&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&frm=20&vis=1&scr_x=0&scr_y=0&psz=580x400&msz=580x400&fws=4&ohw=680&ga_vid=1746851889.1650420409&ga_sid=1650420409&ga_hid=1330532702&ga_fc=false&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
aff5bfa5e6bd14ef3877ada391f3e445e1d5e142566f84408f7ae50c7b7ceaef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9022
x-xss-protection
0
google-lineitem-id
5755295029
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138366308490
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D844 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:06:49 GMT
expires
Thu, 20 Apr 2023 02:06:49 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
form-data
trip.hinet.net/search-widget/ 		472 B
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/form-data
Requested by
Host: trip.hinet.net
URL: https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
cf88a58d4d001935ce86f838a496c23ece1c026fbe9918cecfaeed715c75af81

Request headers

Referer
https://times.hinet.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
gzip
server
KAYAK/1.0
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-language
zh-TW
access-control-allow-origin
https://times.hinet.net
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/json;charset=UTF-8
content-length
310
pubads_impl_2022041301.js
securepubads.g.doubleclick.net/gpt/ Frame 44C2 		362 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 21:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125956
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 08:34:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 19 Apr 2023 21:22:43 GMT
form-data
trip.hinet.net/search-widget/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/form-data
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://times.hinet.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-requested-with
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://times.hinet.net
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Wed, 20 Apr 2022 02:06:49 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=(), interest-cohort=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-xss-protection
1; mode=block
form-data
trip.hinet.net/search-widget/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/form-data
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://times.hinet.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-requested-with
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://times.hinet.net
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Wed, 20 Apr 2022 02:06:49 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=(), interest-cohort=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1330532702&t=pageview&_s=1&dl=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ul=en-us&de=UTF-8&dt=%E6%97%A5%E5%9C%93%E5%8C%AF%E7%8E%87%E5%A4%A7%E8%B7%B3%E6%B0%B4%E9%A9%9A%E8%A6%8B0.2315%E5%85%83%20%E5%86%8D%E6%8E%A2%E8%BF%9125%E5%B9%B4%E6%96%B0%E4%BD%8E-%E8%B2%A1%E7%B6%93-HiNet%E7%94%9F%E6%B4%BB%E8%AA%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1127037391&gjid=31957941&cid=1746851889.1650420409&tid=UA-63943172-1&_gid=313115528.1650420409&_r=1&_slc=1&z=1357337678
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
output.6892b5a0c99805c321b6.bundle.js
times.hinet.net/hinetlife2/assets/ Frame 5B0B 		2 MB
356 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/hinetlife2/assets/output.6892b5a0c99805c321b6.bundle.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/hinetlife2/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
0c2c3833db039b05863f40069917952f041b8b245e385b6d8b92e93938b78c7e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/hinetlife2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
br
last-modified
Fri, 20 Dec 2019 06:40:06 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
3a1f4abbb4409331b208f346bf9b24ed
943de76840269fb52eeedcfbda616580.jfif
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/943de76840269fb52eeedcfbda616580.jfif
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
491d0fbdc748cb28fd9fb80d920c5aa705b5b8b3b97e826aa6c4bee4ede0fd87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
82
date
Wed, 20 Apr 2022 02:06:49 GMT
via
1.1 varnish, 1.1 varnish
age
1583491
edge-cache-tag
444910687945873722450631421443045237597,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
cache-tag
444910687945873722450631421443045237597,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
79
x-cache
MISS, HIT, MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/943de76840269fb52eeedcfbda616580.jfif
content-length
4936
x-request-id
d6594699d1779c92c021dfcd5267f80b
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Fri, 18 Mar 2022 07:12:23 GMT
server
nginx
x-timer
S1650420410.759915,VS0,VE82
etag
"3443a7f43bf1d8f51b1285917524ffd4"
x-served-by
cache-iad-kcgs7200142-IAD, cache-iad-kjyo7100130-IAD, cache-bur-kbur8200142-BUR, cache-iad-kiad7000049-IAD, cache-cdg20773-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1, 0
623d37cd5ad05.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//newtalk.tw/ogimage/s.newtalk.tw/album/news/730/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//newtalk.tw/ogimage/s.newtalk.tw/album/news/730/623d37cd5ad05.jpeg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1568c2170219639a98d73641d1d0d356af135f2b9a3cfb7e4937f1c191ba7478

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 20 Apr 2022 02:06:49 GMT
via
1.1 varnish, 1.1 varnish
age
79262
edge-cache-tag
413451790822578570947605681093627175170,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
cache-tag
413451790822578570947605681093627175170,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
143
expiration
expiry-date="Wed, 27 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//newtalk.tw/ogimage/s.newtalk.tw/album/news/730/623d37cd5ad05.jpeg
content-length
7868
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Sun, 27 Mar 2022 18:51:17 GMT
server
nginx
x-timer
S1650420410.759963,VS0,VE1
etag
"95eabd3a87129a84202b9650b0c8cf71"
x-served-by
cache-iad-kjyo7100167-IAD, cache-iad-kiad7000154-IAD, cache-chi-kigq8000095-CHI, cache-iad-kiad7000083-IAD, cache-cdg20773-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
1eafc3d48a1204be6518e47799a0b1c7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1eafc3d48a1204be6518e47799a0b1c7.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3202c6853276a35c4252dd8b434d88a050d8d97f3d1e7464bbc1cd51be2029e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
82
date
Wed, 20 Apr 2022 02:06:49 GMT
via
1.1 varnish, 1.1 varnish
age
961751
edge-cache-tag
292158338015259424768087373450780169276,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
cache-tag
292158338015259424768087373450780169276,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
12
expiration
expiry-date="Mon, 25 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1eafc3d48a1204be6518e47799a0b1c7.jpg
content-length
7248
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Fri, 25 Mar 2022 11:55:05 GMT
server
nginx
x-timer
S1650420410.760045,VS0,VE82
etag
"9b892d3b1b6e1ad1dda299c6aac23c72"
x-served-by
cache-iad-kjyo7100083-IAD, cache-iad-kjyo7100157-IAD, cache-bur-kbur8200103-BUR, cache-iad-kcgs7200132-IAD, cache-cdg20773-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 0
s_80278db5-46af-4274-9cb9-026e802515fd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//times.hinet.net/news/cimages/23/86/23869336/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//times.hinet.net/news/cimages/23/86/23869336/s_80278db5-46af-4274-9cb9-026e802515fd.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f8028a2f969e448dfa872b4e2a8ae6d368c77d6eb7ef80a8e40a0047402046e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
80
date
Wed, 20 Apr 2022 02:06:49 GMT
via
1.1 varnish, 1.1 varnish
age
50282
edge-cache-tag
363495680414900257691111513809453998377,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
cache-tag
363495680414900257691111513809453998377,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
12
x-cache
MISS, MISS, HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//times.hinet.net/news/cimages/23/86/23869336/s_80278db5-46af-4274-9cb9-026e802515fd.jpg
content-length
4816
x-request-id
5a17f3b0eb34237005a4b8efe135858a
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Tue, 19 Apr 2022 11:24:48 GMT
server
nginx
x-timer
S1650420410.760102,VS0,VE80
etag
"a88d6e4fc3ae79409a385bf633773de8"
x-served-by
cache-iad-kcgs7200086-IAD, cache-iad-kjyo7100125-IAD, cache-bur-kbur8200060-BUR, cache-iad-kiad7000177-IAD, cache-cdg20773-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 0
b
sb.scorecardresearch.com/ Frame 2197 		0
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=18986219&c3=100001&ns__t=1650420409074&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQz%7CaGluZXQ%3D&c9=https%3A%2F%2Ftimes.hinet.net%2F
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-121.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
via
1.1 b17dca9c320b96e12b996848d121ffe4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
NdO6Er7ciqfQkA6nfibZBgfesC4Ifxsm60DJtdoNY9NDAmGIp3j3GQ==
x-cache
Miss from cloudfront
view
securepubads.g.doubleclick.net/pcs/ Frame 8C40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHtIflqmCry2uBacOV3OXo0ddX1WKO1CpwBZTsxuXxn6G9RAW2QDwEC6_uTWbrAQO3V66-addrg3LbFmbzez-yRylxgkLcuPXzPacPGxs07xS_ztIY9QQkYRJ51lwZs2CGcec_ueAQNB8iFahpcJk4v-g0v4AiZL0FPqDbFPCPqS9oVDRG6ffJ3HhMxrGPZkojsK6k8qHR13Udi3cg_S1bWgHZb4h1RKEb5szgYmwcwBnm2UY_MCiQ_WEiTiz2AZfjJeNAtA81fQQTb-BX-vmt6ByeYxLjP4-HvEqfZ3VjCnyvhy4rWRn3wQ&sai=AMfl-YSM5vyo_mYklROrdmD4jYBLRHOQAPDfLpvzu7tCorZ1ZOrh44a1EpIA3lq3Qa4fXT2BRvbDjwXUwEYGiMhPGPhOWrMBf8H3Lif_NkYmRRm2jPNTskblrdfs4HZEV_k&sig=Cg0ArKJSzA-jMQGwIiACEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:06:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 20 Apr 2022 02:06:49 GMT
adsbytenmax.js
tenmax-static.cacafly.net/ssp/ 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc05e9f04683682906d0ad443881bd19fce83e240bbaeeb6ec814ce757204ee4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
U63yZkrSK7TVVVQvpY1AAQ==
age
2458
x-ms-lease-status
unlocked
last-modified
Thu, 18 Nov 2021 05:59:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
5199d319-b01e-005e-4141-dc11f4000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=1800
x-ms-version
2009-09-19
cf-ray
6fea52a97fe501db-ZRH
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8C40 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650281421154365"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:06:49 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-63943172-1&cid=1746851889.1650420409&jid=1127037391&gjid=31957941&_gid=313115528.1650420409&_u=IAhAAEAAAAAAAC~&z=1224600596
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 20 Apr 2022 02:06:49 GMT
content-type
text/plain
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
debug
trc-events.taboola.com/salesfrontier-hinet/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/salesfrontier-hinet/log/2/debug?tim=02%3A06%3A49.066&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=7614&cv=20220417-11_b2-PR-43648-DEV-109130-add-taboola-push-api-to-force-trc_-params-into-json-call-104bbd149d4-SNAPSHOT&lt=forced-qp-6_var1&uuid=71644ad16ffdf8468bf268184521e7ada9826f4a94002cc24033f3381a353a8c&dcc=1&pct=1
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12872
integrator.js
adservice.google.de/adsid/ Frame 44C2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:06:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 44C2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:06:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 44C2 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1580441317644711&correlator=1864070943119642&eid=31063378%2C31067189%2C31060545%2C31064226%2C31065454%2C31064623&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&iu_parts=33575001%2C%E7%94%9F%E6%B4%BB%E8%AA%8C_%E6%96%B0%E8%81%9E%E5%85%A7%E6%96%87%E4%B8%8B_580x400&enc_prev_ius=%2F0%2F1&prev_iu_szs=580x400&ifi=1&adks=3329571054&sfv=1-0-38&ecs=20220420&fsapi=false&sc=1&cookie=ID%3D7aeb9a1e9fafdbfd-221eeeea7bcd005e%3AT%3D1650420409%3AS%3DALNI_MYrLhz-84jHdWIDAdBKOFWsyo7-QQ&cdm=times.hinet.net&abxe=1&dt=1650420409304&lmt=1650420409&dlt=1650420407880&idt=1357&biw=1600&bih=1200&isw=580&ish=400&adxs=300&adys=1830&ucis=d70h1wins29g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&top=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&frm=23&vis=1&scr_x=0&scr_y=0&psz=580x400&msz=580x-1&fws=260&ohw=580&ea=0&ga_vid=1746851889.1650420409&ga_sid=1650420409&ga_hid=732090387&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
48929504599c318a730faaf8493680a02fad83854ecc7bc60e813639973c9fde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8773
x-xss-protection
0
google-lineitem-id
5756110922
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138358650324
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1225ef7adcb5a5606b8e633d2d8d5efc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 892C 		6 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://1225ef7adcb5a5606b8e633d2d8d5efc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:06:50 GMT
expires
Thu, 20 Apr 2023 02:06:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
video.novtt.min.js
jsmodule.svc.litv.tv/videojs/ Frame 2197 		488 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsmodule.svc.litv.tv/videojs/video.novtt.min.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:9:f0ff:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19d173388ecf7414a4d7ba951cc7557b1f4d181cfddf5717fd09410d2f7d81f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
oxKgqXtWiOnPmdhIW_gFoPkZ6EGgOs9Y
content-encoding
br
last-modified
Mon, 19 Apr 2021 07:20:07 GMT
server
AmazonS3
age
74802
etag
W/"c9b5d9401cfafdfbd38583ff245ba550"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
date
Tue, 19 Apr 2022 05:20:09 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
bPzxDK3iou-oAZdQ2MFec6uYh5iRV1YHBfbGtU9RoM19FFvwKeIkxw==
tb
15.taboola.com/ 		41 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=salesfrontier-hinet&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&cirf=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&encoded=1&uid=9a7a5f33-2c25-4421-b606-fabc4a1ea171-tuct958f038&variant=0|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1650420409355&tagid=&cntry=DE&platform=1&sesid=594054c2b99949336d3278a4c6ecbcc2&itemid=/news/23869533&viewid=1650420408260&geolat=&geoing=&deviceifa=&appid=&sd=v2_594054c2b99949336d3278a4c6ecbcc2_9a7a5f33-2c25-4421-b606-fabc4a1ea171-tuct958f038_1650420408_1650420409_CNawjgYQzvZVGMS_46WEMCABKAEwODib4wlAiIoQSNCt2QNQouwQWABgAGiD2JXN5_L01rUBcAA&ri=5b615abefb2cde4754b33ff3add65177&appname=&cdb=&gdprApplies=true&rid=&sii=3049747386152824375&oee=true&tpubid=1407822&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=NW&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1271403&prcnt=&layer=&normp=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220417-11_b2-PR-43648-DEV-109130-add-taboola-push-api-to-force-trc_-params-into-json-call-104bbd149d4-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
090630bff5b997888f14e6e044b9485bc5f86f9d874cbfeebcb51e19d5c16446

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Apr 2022 02:06:50 GMT
content-encoding
gzip
access-control-allow-origin
https://times.hinet.net
machineid
1416
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-cdg20773-CDG
pragma
no-cache
server
nginx
x-timer
S1650420410.052003,VS0,VE23
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20220417-11_b2-PR-43648-DEV-109130-add-taboola-push-api-to-force-trc_-params-into-json-call-104bbd149d4-SNAPSHOT.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20220417-11_b2-PR-43648-DEV-109130-add-taboola-push-api-to-force-trc_-params-into-json-call-104bbd149d4-SNAPSHOT.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/salesfrontier-hinet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac68ca2fc5b344bfeb1836d5bbf7a8d271dde1cbf5440f2f3a4464f47c10a620

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
MLRLPtXH2WxlO9e_Vl6zAJFrL9Hvh79G
content-encoding
gzip
etag
"ccf694385e23f15741f8bdc65cfcd3e2"
age
24
x-cache
HIT
x-amz-replication-status
FAILED
content-length
1332
x-amz-id-2
5GHyCa1yQ26orcpRdT9Sy3UsARgAhj0fBgXo9zn7CD9i0Yx3fkDBea/J6tmLBhGQTZsxQP88BK0=
x-served-by
cache-cdg20773-CDG
last-modified
Sun, 17 Apr 2022 15:45:51 GMT
server
AmazonS3
x-timer
S1650420410.050744,VS0,VE1
date
Wed, 20 Apr 2022 02:06:50 GMT
vary
Accept-Encoding
x-amz-request-id
XR9M8N22A5RPDGPB
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
37
x-cache-hits
1
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63943172-1&cid=1746851889.1650420409&jid=1127037391&_u=IAhAAEAAAAAAAC~&z=2022509410
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63943172-1&cid=1746851889.1650420409&jid=1127037391&_u=IAhAAEAAAAAAAC~&z=2022509410
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
42
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
BjkalsIxOSozIBVOf6HFEIKCvFy2t+0UlfwqUNUEpzUc7Q5h1tNqVPLvo0yUNiXULiPd5kpRIp4=
x-served-by
cache-cdg20773-CDG
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1650420410.085032,VS0,VE0
date
Wed, 20 Apr 2022 02:06:50 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
HENZ6A6YTVQG9N5E
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
37
x-cache-hits
2
view
securepubads.g.doubleclick.net/pcs/ Frame 8C40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurMHutGKrdE5h9iCvcy7In_PRfr1_K0bWnBU80ihh4yvekvx345Hymqj3qES_Mzd-iM6kPaErr_C6Yr_e6qVk-lngH97he6Tf56k4cjpm2YlgNktmyM8nQdNAXgysiWCW6EVmwixvQaiKQ93aw6a5NdFUr_tehoXmFdoRpoztEZ2kSijwrd89wyOOrVDQ1Vjlt_i3pc9MeCYrFIua_wZpNsvc8VMGjufPH0SjLKdZkTncAnlyDdQEX6_wCQqrZYLuJQxA0Ckp_BpfT6Syg8CPfaUY7fKQUvTFTKGAb4qH2L6J6xOxghYT23_Tt&sai=AMfl-YQUouZrMLClyWTuzBH1jtPcjd6ttjmXxdFcSgnsBCIgYKkRXWggQzhO9YoXjz1tME0V1urrWV5qiWvzq4Vs5-hPYzcoWV2RnkBL3kg3k_Ly0lwBNCN4Vl79_-vgDV0&sig=Cg0ArKJSzIc2eoNK7IyiEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:06:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 20 Apr 2022 02:06:50 GMT
ad6a8363f241d6ebd41840d35a875650.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad6a8363f241d6ebd41840d35a875650.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a0d90b4fabb6810c554dfea9a06994c0cd7b309e3c5674557b00d402e04eb004

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
88
date
Wed, 20 Apr 2022 02:06:50 GMT
via
1.1 varnish, 1.1 varnish
age
1006752
edge-cache-tag
320941668699523627025494179452460876693,329488345183777870587694299170317553807,29ecf9b93bbf306179626feeda1fab70
cache-tag
320941668699523627025494179452460876693,329488345183777870587694299170317553807,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
98
x-envoy-upstream-service-time
51
expiration
expiry-date="Sat, 09 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad6a8363f241d6ebd41840d35a875650.jpg
content-length
18112
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Wed, 09 Mar 2022 11:04:29 GMT
server
nginx
x-timer
S1650420410.144063,VS0,VE88
etag
"899cab8be6d9fba0432e656699a67668"
x-served-by
cache-iad-kcgs7200154-IAD, cache-iad-kjyo7100104-IAD, cache-chi-kigq8000031-CHI, cache-iad-kjyo7100128-IAD, cache-cdg20773-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 0
20fe67f65dc039f5158bf0fbadddcde1.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//native-images.theoptimizerimg.com/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//native-images.theoptimizerimg.com/20fe67f65dc039f5158bf0fbadddcde1.jpeg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
94ae74b8f76c01d8f313906628b49afb6078e31c25436a9f980ffcbce23abcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
82
date
Wed, 20 Apr 2022 02:06:50 GMT
via
1.1 varnish, 1.1 varnish
age
1139741
edge-cache-tag
362657689965510269048071897161866531338,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
cache-tag
362657689965510269048071897161866531338,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
81
x-cache
MISS, HIT, MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//native-images.theoptimizerimg.com/20fe67f65dc039f5158bf0fbadddcde1.jpeg
content-length
12248
x-request-id
f7cf7b77083d791fefc1b31427afe1e7
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Sat, 02 Apr 2022 18:02:58 GMT
server
nginx
x-timer
S1650420410.147637,VS0,VE82
etag
"57ac6b74329f7ccf8f4ea8d5e46cf83c"
x-served-by
cache-iad-kjyo7100164-IAD, cache-iad-kcgs7200053-IAD, cache-sna10743-LGB, cache-iad-kjyo7100144-IAD, cache-cdg20773-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1, 0
ded843dbe3d9f24bc9c16fecef1792f0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ded843dbe3d9f24bc9c16fecef1792f0.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa048a2347e09ab50e37401e1ed6c232d6fa992e2ea752576e99ad3ab542f45d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
83
date
Wed, 20 Apr 2022 02:06:50 GMT
via
1.1 varnish, 1.1 varnish
age
2211029
edge-cache-tag
507819369357328004024169213711985705794,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
cache-tag
507819369357328004024169213711985705794,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
76
x-cache
MISS, HIT, MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ded843dbe3d9f24bc9c16fecef1792f0.jpg
content-length
8422
x-request-id
1efda02e1e6bfb0bb4a1f750a67bda2b
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Thu, 24 Mar 2022 14:51:04 GMT
server
nginx
x-timer
S1650420410.148222,VS0,VE83
etag
"0e81fbd640586d1aa875a438b0229a61"
x-served-by
cache-iad-kjyo7100175-IAD, cache-iad-kiad7000075-IAD, cache-bur-kbur8200105-BUR, cache-iad-kcgs7200129-IAD, cache-cdg20773-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1, 0
img_60c4c34d03323.jpg%3Fw%3D662%26amp%3Bis-pending-load%3D1%23038%3Bssl%3D1
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i1.wp.com/aldiario.com/wp-content/uploads/2021/06/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i1.wp.com/aldiario.com/wp-content/uploads/2021/06/img_60c4c34d03323.jpg%3Fw%3D662%26amp%3Bis-pending-load%3D1%23038%3Bssl%3D1
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7f315e409f6dd22535887665f0995988539ad88188e234752cbe6b23475d8f72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
81
date
Wed, 20 Apr 2022 02:06:50 GMT
via
1.1 varnish, 1.1 varnish
age
397235
edge-cache-tag
410571578579575531933036186382600147017,329488345183777870587694299170317553807,29ecf9b93bbf306179626feeda1fab70
cache-tag
410571578579575531933036186382600147017,329488345183777870587694299170317553807,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
552
x-cache
MISS, MISS, MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i1.wp.com/aldiario.com/wp-content/uploads/2021/06/img_60c4c34d03323.jpg%3Fw%3D662%26amp%3Bis-pending-load%3D1%23038%3Bssl%3D1
content-length
42706
x-request-id
2d3f8e4acb88d6904058c80b4fe6668b
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Fri, 08 Apr 2022 05:23:48 GMT
server
nginx
x-timer
S1650420410.148789,VS0,VE81
etag
"a567e43bdb6857e862fe12d7cff980cf"
x-served-by
cache-iad-kiad7000037-IAD, cache-iad-kcgs7200072-IAD, cache-chi-kigq8000169-CHI, cache-iad-kiad7000045-IAD, cache-cdg20773-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 0
c5f9c09f03aa90eb546f482bc057c599.jpeg
images.taboola.com/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_489,y_305/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_489,y_305/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c5f9c09f03aa90eb546f482bc057c599.jpeg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6552998742940e4653e354d769d284822ad3079d3aa2791e355cc7031b5ae3a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 20 Apr 2022 02:06:50 GMT
via
1.1 varnish, 1.1 varnish
age
1855904
edge-cache-tag
313985024498717833070276424048924388664,296416273787425788239334453118639457508,29ecf9b93bbf306179626feeda1fab70
cache-tag
313985024498717833070276424048924388664,296416273787425788239334453118639457508,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
307
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_489,y_305/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c5f9c09f03aa90eb546f482bc057c599.jpeg
content-length
9080
x-request-id
c809e8e654e4aaa63e98ec56e9a7af6c
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Mon, 28 Mar 2022 03:58:12 GMT
server
nginx
x-timer
S1650420410.153421,VS0,VE1
etag
"8698a80c3c289aab79ee009fe9342ffd"
x-served-by
cache-iad-kcgs7200075-IAD, cache-iad-kiad7000022-IAD, cache-sna10751-LGB, cache-iad-kcgs7200147-IAD, cache-cdg20773-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
1b1f50f2-4298-4e43-9698-0850c172b13d_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/images/1b1f50f2-4298-4e43-9698-0850c172b13d_1000x600.jpeg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
23b748757b73adae0cf1be9be91149bb95a662855bddc6714ae99009e8de4a6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 20 Apr 2022 02:06:50 GMT
via
1.1 varnish, 1.1 varnish
age
1869813
edge-cache-tag
514016101713459517275130250879389512703,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
cache-tag
514016101713459517275130250879389512703,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
185
expiration
expiry-date="Mon, 18 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/images/1b1f50f2-4298-4e43-9698-0850c172b13d_1000x600.jpeg
content-length
10810
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Fri, 18 Mar 2022 14:56:15 GMT
server
nginx
x-timer
S1650420410.156664,VS0,VE1
etag
"e0aeb6f42fb3bb5d7464f1b88bc8b753"
x-served-by
cache-iad-kiad7000071-IAD, cache-iad-kiad7000179-IAD, cache-sna10730-LGB, cache-iad-kcgs7200147-IAD, cache-cdg20773-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
eac414c4e438d41b3a28ea0978da0353.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eac414c4e438d41b3a28ea0978da0353.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e0649fc170d5fee0d5326e93b1d0e481d831db57dfd657bfc53ebd349e4971f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
914
date
Wed, 20 Apr 2022 02:06:51 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
421865274848735964518138095383302572378,329488345183777870587694299170317553807,29ecf9b93bbf306179626feeda1fab70
cache-tag
421865274848735964518138095383302572378,329488345183777870587694299170317553807,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
736
x-cache
MISS, MISS, MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eac414c4e438d41b3a28ea0978da0353.jpg
content-length
13322
x-request-id
9718b0311088fed76d3d1981b92413ff
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Fri, 15 Apr 2022 05:32:25 GMT
server
nginx
x-timer
S1650420410.179743,VS0,VE914
etag
"efebfe48191eca92170937f63c0accfa"
x-served-by
cache-iad-kjyo7100168-IAD, cache-iad-kjyo7100076-IAD, cache-sna10746-LGB, cache-iad-kcgs7200134-IAD, cache-cdg20773-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 0
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.7.0/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.7.0/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220417-11_b2-PR-43648-DEV-109130-add-taboola-push-api-to-force-trc_-params-into-json-call-104bbd149d4-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc8d3b3701a95fae0ceb13be485bd16a31dcd0417066c9cc604d6c12e89bcd70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:50 GMT
via
1.1 ad8435b5d8ce6330cfea09301a17c5b8.cloudfront.net (CloudFront), 1.1 varnish
age
1172168
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
29447
x-served-by
cache-cdg20773-CDG
last-modified
Wed, 06 Apr 2022 12:29:49 GMT
server
AmazonS3
x-timer
S1650420410.179850,VS0,VE0
etag
"502f5feb374777b76d7055c7263bab22"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
CDG50-C2
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
NFhmU_hUZJgn7cKgd_Yiz-JX-zloKwaCrUlVB_0emXFF3oFDq155DQ==
x-cache-hits
19037
plan
ssp.tenmax.io/supply/v3/native/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.tenmax.io/supply/v3/native/plan?rmaxSpaceId=d1becdb66bca40ce&referer=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&cacheBuster=545b5118-6658-4207-a05d-1e3e385d2871
Requested by
Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/universal.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
f625c305c3c962ceed6410652de048f18e72d104bbdff47f0ceaa384d60b268a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:06:52 GMT
Server
nginx
Vary
Origin
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
https://times.hinet.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
1478
X-Application-Context
application:prod,aggregator,build-ext:58070
view
securepubads.g.doubleclick.net/pcs/ Frame 4C76 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnWCVEssQ2e5iW3YlGcKjwIGWT2-F5pOPyNlTvzOWRK9Zn_JeXFNg0PdgGWODZfAYqvzuwPPevDkyc0jPEYs8GmmYxOtQa6xH2vEY4AtU6HzvCQY1qt7aWBMlRN0lBwggZEbG4uplSV3wAGB4mKLcFtoSvebj-468ejSzXr1KM9G1ehgInPvtwF1QeS9HJ0gDpN2OvPTKmPQ4FkBfw9NO6T3Sa2vilnQ37ic8LgwjSIcscqoVkMeNO4aE-9E7Ja_zMUyvVYGjdFUr2V_XwAgjHQrDF53in49Nr2zghkPcHChKS8j2NTzqYo8CuoWA8ICIk78_HgT8V1kjmvEqP&sig=Cg0ArKJSzN-VelTMVCslEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:06:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 4C76 		155 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4457659720163747
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1bc1d371b017238a64805d5bff2366749705407b4e9390d5dbd406a520802418
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Origin
https://times.hinet.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54303
x-xss-protection
0
server
cafe
etag
8174414112587188970
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Apr 2022 02:06:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4C76 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650281421154365"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:06:50 GMT
ex.html
player.svc.litv.tv/v3/ Frame 10DB 		47 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6db16d8afce57e4a01eb12c54e3722f2ce596d547cb2990c27bb8892ad1ea31

Request headers

Referer
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
64279
content-encoding
gzip
content-type
text/html
date
Tue, 19 Apr 2022 08:15:31 GMT
etag
W/"50cdd10db3b554afc6957ee1511f0d70"
last-modified
Tue, 19 Apr 2022 08:14:12 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-id
ltuMlDJPYTrpef36OiXc_vLcQhVbtLPqDvHdFpf4aT3tZMz_uGlYrw==
x-amz-cf-pop
FRA50-C1
x-amz-version-id
5x9JN_7t3e23nQBUPD6Rli383GBlNQUX
x-cache
Hit from cloudfront
hinet3-config.json
player.svc.litv.tv/meta/config/ Frame 2197 		731 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/meta/config/hinet3-config.json?cb=38204
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d8f92749cc2a265971215076bf9d8100900200556fee88fc2ab1612e39c1895

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
VndSgl.v2.Z4Pr9CIJrWO9KaCSAbaRvM
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 00:05:08 GMT
server
AmazonS3
age
20698
etag
"4bfde159a66239452dbb954c3c53425b"
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=43200
date
Tue, 19 Apr 2022 20:21:53 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
731
x-amz-cf-id
k6vzQ7Aep2IpbHi68zrN2C55k8awtJv0rZwztSBsWgNlbdaf6KhddA==
3e5bba44-6bb3-4272-8958-45888164b9e8
https://player.svc.litv.tv/ Frame 2197 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://player.svc.litv.tv/3e5bba44-6bb3-4272-8958-45888164b9e8
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
truncated
/ Frame 4C76 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51d1ef5d5ba168d33d8bde625502c54c423ef44bcf53c7c3799dcffb0cc9bf0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/ Frame 4C76 		303 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4457659720163747
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0b1a7bd224e6ea672bb07b36f8da8449f9cb6e863518d35ba06cbea67857442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110910
x-xss-protection
0
server
cafe
etag
3424336682309429867
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 20 Apr 2022 02:06:50 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/ Frame 92DE 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4457659720163747
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18455
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4398
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 20:59:15 GMT
etag
14837630671339829333
expires
Tue, 03 May 2022 20:59:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
health.json
times.hinet.net/hinetlife2/data/ Frame 5B0B 		42 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/hinetlife2/data/health.json
Requested by
Host:
URL: webpack:///./saga/index.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
005d5464467462ad59800ecef725b74628c96c623583c8e0dabf712dfa9ebff4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Access-Control-Allow-Origin
*
Accept
application/json
Referer
https://times.hinet.net/hinetlife2/index.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
content-encoding
br
last-modified
Wed, 20 Apr 2022 01:00:02 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
d248cfa04ad1c9f4f85ccacbd170ab7f
money.json
times.hinet.net/hinetlife2/data/ Frame 5B0B 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/hinetlife2/data/money.json
Requested by
Host:
URL: webpack:///./saga/index.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
f83a7958fde7f01cb32fc45e3a4e6f55921626271dc47267f70a46b764b72cc9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Access-Control-Allow-Origin
*
Accept
application/json
Referer
https://times.hinet.net/hinetlife2/index.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
content-encoding
br
last-modified
Wed, 20 Apr 2022 01:00:03 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
c9249e202e485fe58fd77e8cfd77c768
style.json
times.hinet.net/hinetlife2/data/ Frame 5B0B 		33 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/hinetlife2/data/style.json
Requested by
Host:
URL: webpack:///./saga/index.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
611d0be362ef936c2ad04226e67fb242aaa8ce5053d2cfdcdb79f0ce7eb75f69
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Access-Control-Allow-Origin
*
Accept
application/json
Referer
https://times.hinet.net/hinetlife2/index.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
content-encoding
br
last-modified
Wed, 20 Apr 2022 01:00:03 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
56cc6c77eb22b122288cca9c5cfbbaa5
entertainment.json
times.hinet.net/hinetlife2/data/ Frame 5B0B 		25 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/hinetlife2/data/entertainment.json
Requested by
Host:
URL: webpack:///./saga/index.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
796d552d207a4a7aa4a8043eb64b3fb5092972d4395a6b014efac08f36c220f9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Access-Control-Allow-Origin
*
Accept
application/json
Referer
https://times.hinet.net/hinetlife2/index.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
content-encoding
br
last-modified
Wed, 20 Apr 2022 01:00:03 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1;mode=block
x-request-id
8e4bcec7134f8b31d3d8718c10f0caca
analytics.js
www.google-analytics.com/ Frame 5B0B 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host:
URL: webpack:///../~/react-ga/dist/esm/utils/loadGA.js?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6580
date
Wed, 20 Apr 2022 00:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 20 Apr 2022 02:17:11 GMT
st
imprammp.taboola.com/ Frame A770 		742 B
499 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66533115&crid=6438155&dast=V7DRoCFgNtpPJ1wQcE2gRtpPJ1wQcE2gUAAAAGBvQHGsWZsWa85WoxmwxWw9FusZiNhrvlaDYawkZxZqwZb7lazCaD1XC0GywGu9FqN5nMhlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73lCCptPhc93rRU-3y3MXOu0u013uMv3lLt_nL9kMZ8vVZjMHAAAAgAcAsZ4FiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIXccA0AKA6DdtpNLrs_AAAeHkAAAAQwSAAO1J9KAFxexk8AAAAAAAAAAFj-____YwbubfZlBvw5vnoAHnwAHogKEIsYAQAAAARvOCgcTeqEyqIKAIAg3QrgCgAgAJAI11w5DAAAQEBMqX4juwQAS3ZsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCUX1xKUFPczMqP0CAgCs_QICALCpGwDAmwBcyJWg6XT4XPd60dPt8tyFTrvLdJe7TH-5y_f5SzbD2XK12YwuAFYXELMDAAAAuPv____HU6rfyC4BwJLVA6nlaLAabSwT53I5Wm42s5FnshsuTBvbymPxeCzbw7FNoElOt9brCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIkwvfwjXzbNaSjWW1Fo0mi7XENpitZQ6Lx7RwrByO3WIten1Mz9VwZtgMtygYMLIXwUU60TzMLs_N8rebni7LW-i0u0wXsURzskgnssu-tRwNVqONZeJcLkfLzWY28kx2w4VpY1t5LB6PZd9c-BaumWezlmwsq7VoNFmsJbbBbC1zWDymhWPlcOwWa9HrY3quhjPDZrhvzFaD0WQwGgz3jdlqMJoMRoPlvkNn-K4-Z6N6u9Z6bE6_NNu12BwGhctg8f4kpsW0OzuYTr6jU-eQLos6o-_6PXoNCs_BY5ooU2KdtS8TFpNXheNgUMQSwekinYhextNFLJE8LdKJamJbrBYWl81i2Zhcpt1qNPFsZjbPwmSyrRa73UQsUZou0ole7vJ9_pLNcLZcbTYT9R8ZYrmZS3ZzxWiuGKwSAAAAAAAAAMAS5sybAAAAAJwGtRjuNqvlAlTsOekCgwAAAAAAAOyqSIVbmEO53hQ3fjwxD7PLc7P87aany_IWOu0u05UBJszWmDd7Joi1Wi1rAAAAAWwAAIAAbt28BZxXcg!&cmcv=&pix=undefined&cb=1650420410509&uv=3165&tms=1650420410509&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!Noapp22_vB!pblc_vE!spa2_vA!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=E3F5F795162058471164879464&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.7.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 20 Apr 2022 02:06:51 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-cdg20773-CDG
x-timer
S1650420411.219025,VS0,VE11
sync
am-match.taboola.com/ Frame EF3F 		742 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7DRoCFgNtpPJ1wQcE2gRtpPJ1wQcE2gUAAAAGBvQHGsWZsWa85WoxmwxWw9FusZiNhrvlaDYawkZxZqwZb7lazCaD1XC0GywGu9FqN5nMhlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73lCCptPhc93rRU-3y3MXOu0u013uMv3lLt_nL9kMZ8vVZjMHAAAAgAcAsZ4FiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIXccA0AKA6DdtpNLrs_AAAeHkAAAAQwSAAO1J9KAFxexk8AAAAAAAAAAFj-____YwbubfZlBvw5vnoAHnwAHogKEIsYAQAAAARvOCgcTeqEyqIKAIAg3QrgCgAgAJAI11w5DAAAQEBMqX4juwQAS3ZsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCUX1xKUFPczMqP0CAgCs_QICALCpGwDAmwBcyJWg6XT4XPd60dPt8tyFTrvLdJe7TH-5y_f5SzbD2XK12YwuAFYXELMDAAAAuPv____HU6rfyC4BwJLVA6nlaLAabSwT53I5Wm42s5FnshsuTBvbymPxeCzbw7FNoElOt9brCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIkwvfwjXzbNaSjWW1Fo0mi7XENpitZQ6Lx7RwrByO3WIten1Mz9VwZtgMtygYMLIXwUU60TzMLs_N8rebni7LW-i0u0wXsURzskgnssu-tRwNVqONZeJcLkfLzWY28kx2w4VpY1t5LB6PZd9c-BaumWezlmwsq7VoNFmsJbbBbC1zWDymhWPlcOwWa9HrY3quhjPDZrhvzFaD0WQwGgz3jdlqMJoMRoPlvkNn-K4-Z6N6u9Z6bE6_NNu12BwGhctg8f4kpsW0OzuYTr6jU-eQLos6o-_6PXoNCs_BY5ooU2KdtS8TFpNXheNgUMQSwekinYhextNFLJE8LdKJamJbrBYWl81i2Zhcpt1qNPFsZjbPwmSyrRa73UQsUZou0ole7vJ9_pLNcLZcbTYT9R8ZYrmZS3ZzxWiuGKwSAAAAAAAAAMAS5sybAAAAAJwGtRjuNqvlAlTsOekCgwAAAAAAAOyqSIVbmEO53hQ3fjwxD7PLc7P87aany_IWOu0u05UBJszWmDd7Joi1Wi1rAAAAAWwAAIAAbt28BZxXcg!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.7.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 20 Apr 2022 02:06:51 GMT
machineid
3406
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66533115&crid=6438155&dast=V7DRoCFgNtpPJ1wQcE2gRtpPJ1wQcE2gUAAAAGBvQHGsWZsWa85WoxmwxWw9FusZiNhrvlaDYawkZxZqwZb7lazCaD1XC0GywGu9FqN5nMhlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73lCCptPhc93rRU-3y3MXOu0u013uMv3lLt_nL9kMZ8vVZjMHAAAAgAcAsZ4FiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIXccA0AKA6DdtpNLrs_AAAeHkAAAAQwSAAO1J9KAFxexk8AAAAAAAAAAFj-____YwbubfZlBvw5vnoAHnwAHogKEIsYAQAAAARvOCgcTeqEyqIKAIAg3QrgCgAgAJAI11w5DAAAQEBMqX4juwQAS3ZsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCUX1xKUFPczMqP0CAgCs_QICALCpGwDAmwBcyJWg6XT4XPd60dPt8tyFTrvLdJe7TH-5y_f5SzbD2XK12YwuAFYXELMDAAAAuPv____HU6rfyC4BwJLVA6nlaLAabSwT53I5Wm42s5FnshsuTBvbymPxeCzbw7FNoElOt9brCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIkwvfwjXzbNaSjWW1Fo0mi7XENpitZQ6Lx7RwrByO3WIten1Mz9VwZtgMtygYMLIXwUU60TzMLs_N8rebni7LW-i0u0wXsURzskgnssu-tRwNVqONZeJcLkfLzWY28kx2w4VpY1t5LB6PZd9c-BaumWezlmwsq7VoNFmsJbbBbC1zWDymhWPlcOwWa9HrY3quhjPDZrhvzFaD0WQwGgz3jdlqMJoMRoPlvkNn-K4-Z6N6u9Z6bE6_NNu12BwGhctg8f4kpsW0OzuYTr6jU-eQLos6o-_6PXoNCs_BY5ooU2KdtS8TFpNXheNgUMQSwekinYhextNFLJE8LdKJamJbrBYWl81i2Zhcpt1qNPFsZjbPwmSyrRa73UQsUZou0ole7vJ9_pLNcLZcbTYT9R8ZYrmZS3ZzxWiuGKwSAAAAAAAAAMAS5sybAAAAAJwGtRjuNqvlAlTsOekCgwAAAAAAAOyqSIVbmEO53hQ3fjwxD7PLc7P87aany_IWOu0u05UBJszWmDd7Joi1Wi1rAAAAAWwAAIAAbt28BZxXcg!&cmcv=&pix=31589837&cb=1650420410509&uv=3165&tms=1650420410509&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!Noapp22_vB!pblc_vE!spa2_vA!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1650420400499.3!ts:1650420410509&mntl=1
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
content-length
0
server
nginx
bulk
trc.taboola.com/salesfrontier-hinet/log/3/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/salesfrontier-hinet/log/3/bulk?route=AM%3AAM%3AV&lti=forced-qp-6_var1&bulkSize=7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220417-11_b2-PR-43648-DEV-109130-add-taboola-push-api-to-force-trc_-params-into-json-call-104bbd149d4-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
12
pragma
no-cache
date
Wed, 20 Apr 2022 02:06:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1650420411.218724,VS0,VE12
x-served-by
cache-cdg20773-CDG
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/salesfrontier-hinet/log/3/ 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/salesfrontier-hinet/log/3/visible?route=AM%3AAM%3AV&lti=forced-qp-6_var1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220417-11_b2-PR-43648-DEV-109130-add-taboola-push-api-to-force-trc_-params-into-json-call-104bbd149d4-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
11
pragma
no-cache
date
Wed, 20 Apr 2022 02:06:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1650420411.218944,VS0,VE11
x-served-by
cache-cdg20773-CDG
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
3426
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
zDuIcdt6S3stmzYEfDXrVDdNiMz2/9b67ArEVSE+q2VR4x9Mp+wDNkBA2o6YRkq7ELRmLKpGRJk=
x-served-by
cache-cdg20773-CDG
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1650420411.287767,VS0,VE0
date
Wed, 20 Apr 2022 02:06:51 GMT
x-amz-request-id
YPR93VMR3A8JGEX4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
37
x-cache-hits
38
js
www.googletagmanager.com/gtag/ Frame 10DB 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-59507085-1
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9c44cdc0bd6fad0161e765482b735bbaea0490dbeb031fa5aa8bd1f0af50f782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38761
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Apr 2022 02:06:51 GMT
utag.js
t.ssp.hinet.net/ Frame 10DB 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 08:43:40 GMT
server
nginx
etag
W/"6215f3bc-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Wed, 20 Apr 2022 02:16:51 GMT
video_m.css
www.hinet.net/resources/freevideo/css/ Frame 0DBE 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hinet.net/resources/freevideo/css/video_m.css
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
446a920d78747ec1b48b4d70a242ad5d3c583bcea9ae97c91bb39b57e199a70b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
content-encoding
br
x-content-type-options
nonsniff
last-modified
Mon, 13 Sep 2021 08:51:46 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
text/css
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
vary
Accept-Encoding, Accept-Encoding,User-Agent
x-xss-protection
1;mode=block
x-request-id
b2ea3200d25dc4507e9c48716464ed53
jquery-3.5.0.min.js
www.hinet.net/resources/freevideo/js/ Frame 0DBE 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hinet.net/resources/freevideo/js/jquery-3.5.0.min.js
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
content-encoding
br
x-content-type-options
nonsniff
last-modified
Mon, 13 Sep 2021 08:51:46 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
application/javascript
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
vary
Accept-Encoding, Accept-Encoding,User-Agent
x-xss-protection
1;mode=block
x-request-id
a1f806f3b7df4627825b50395d5776f3
flowplayer-3.2.12.min.js
cdn.jsdelivr.net/flowplayerflash/3.2.16/ Frame 0DBE 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/flowplayerflash/3.2.16/flowplayer-3.2.12.min.js
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
558c137ae8d2421d46b2ced70dc3d8eb54a63544a53930b30a555b7686001c91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
201741
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19156-FRA, cache-cdg20774-CDG
timing-allow-origin
*
server
cloudflare
etag
W/"3f90-ZX1G66yUNOgp4y1IZgaD9tXEZLE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IORYdY4ISXCDm%2B6fTs%2FFeAzpr2DKFF1IQH2mDTuNnq1valX5YqyqQBz8k%2FGuNI%2BRTfzNnHwwqxD3cRmGPZej8U6AT1%2FAeXy2EALEhaHJjwLZhE048aYqJhNrL6FJv2K60HaeG63R428E8wkKERM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6fea52b37a5701f4-ZRH
utag.js
t.ssp.hinet.net/ Frame 0DBE 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 08:43:40 GMT
server
nginx
etag
W/"6215f3bc-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Wed, 20 Apr 2022 02:16:51 GMT
340x210.jpg
www.hinet.net/resources/images/ Frame 0DBE 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/resources/images/340x210.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
affc7465346ea96f040285c0a25779820afddb764f9e9bf8e6fdfe3162891602
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
x-content-type-options
nonsniff
last-modified
Mon, 13 Sep 2021 08:51:46 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
16643
x-xss-protection
1;mode=block
x-request-id
3a2724ebe541c9026da85e7a2db7f244
17a1833f605000003c1c.png
www.hinet.net/data/upload/election/ Frame 0DBE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1833f605000003c1c.png
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
b0bbaadba0e46405bfde24d4492d85c49a548102a6150720deafa2adcac4ecaf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:21:54 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/png
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
2121
x-xss-protection
1;mode=block
x-request-id
56565b49dec56ca30a5031478842d9d4
17a1843eed1000001ad3.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1843eed1000001ad3.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
6f036fa79597e97410bbe9a223a92ed409aa34b72175e0f4a2917e70eb49171b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:39:20 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
11892
x-xss-protection
1;mode=block
x-request-id
3a638b3e700db84b95cf2f9a094039d8
17a18341706000007a85.png
www.hinet.net/data/upload/election/ Frame 0DBE 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a18341706000007a85.png
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
a0a5acfaf87f0963217eff8390e77a005f0e4dd6d08b324e1c9af9f911796cdf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:22:02 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/png
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
3427
x-xss-protection
1;mode=block
x-request-id
5d8a0581089c22754586dd508cb078fd
17a1834a4f500000bb59.png
www.hinet.net/data/upload/election/ Frame 0DBE 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1834a4f500000bb59.png
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
364d46add4e2a123d4deebc10a3f3ff40444ae6303cdccc6ecf319f9c2db41c5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:22:38 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/png
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
25024
x-xss-protection
1;mode=block
x-request-id
e2e488a07d242f74b801db53bafbce5f
17a18352dd20000022d5.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a18352dd20000022d5.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
6ac8a6a5a955091ee9269f2f9b738859ad85e013ce22d70ad560451e9b40f863
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:23:13 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
11037
x-xss-protection
1;mode=block
x-request-id
133c53c978d1df79da4835899ff3d9c3
17b7c16d01c00000b561.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17b7c16d01c00000b561.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
939e7ed4cc62d8c8b958e48e5cfe0a176e10e80e8f9cbe8e4fa983ba4c445732
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
x-content-type-options
nonsniff
last-modified
Wed, 25 Aug 2021 06:54:27 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
4920
x-xss-protection
1;mode=block
x-request-id
8337272d581552d37d2735c76b97b708
17a1838c8f30000013f1.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1838c8f30000013f1.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
253eb5746eca714be94d1a0c70b0bd6216d681a4dea0b1745bdb43ed69fab701
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:27:10 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
10730
x-xss-protection
1;mode=block
x-request-id
cb2cdef2f9d2b371f51c59abe3ef9d11
17a1839096200000ba68.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1839096200000ba68.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
dd382c876fd7255e44e3df2dc05e7a35755a9e9bb60d056a96e01ad135f952c8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:27:26 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
10234
x-xss-protection
1;mode=block
x-request-id
00ff2ac946af6669a77e5f0df1781cbb
17a183942820000037b1.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a183942820000037b1.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
6c46b95b6a04469c152640a5caa33a1e4060b1c1515fca04e33acf71a697d1a6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:27:41 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
9971
x-xss-protection
1;mode=block
x-request-id
0ad8c262dc569a2d1e87e026e2df7b32
17a18398e1d000008475.png
www.hinet.net/data/upload/election/ Frame 0DBE 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a18398e1d000008475.png
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
aa82c59435aa8476c1d1507d803be1dbbf6c3dc422048a565fed9eb405c5d1fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:28:00 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/png
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
16187
x-xss-protection
1;mode=block
x-request-id
d6ad8e224642eb4ac58dc825639affd2
17b7c49e917000008330.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17b7c49e917000008330.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
5f78b376c449eb72346fd7e6c3a1ef6afe242cb9953117ec67474f3dc5c46220
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Wed, 25 Aug 2021 07:50:16 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
4753
x-xss-protection
1;mode=block
x-request-id
3cddcff5f0de89095d2d8ddf9b4e08b1
17a183dc058000001121.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a183dc058000001121.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
1997e5fae742597b647978f12afc735e576dfabc72dfdb95466f976b039af5fa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:32:35 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
11247
x-xss-protection
1;mode=block
x-request-id
2e66e19742e196b226e1123ad195316f
17a183e03a5000008a91.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a183e03a5000008a91.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
04dccc299261a1c9f8a37a7527a673973fcf7343ff13cb43a4a690c373284ccc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:32:52 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
8533
x-xss-protection
1;mode=block
x-request-id
478c563ad488dd472e6a18072ab70f95
17a183e4479000006050.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a183e4479000006050.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
d0365d6c9d95c7fc1f71e4d607e55cbb1031662f3870be65a4b40b4bff3449e8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:33:09 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
9838
x-xss-protection
1;mode=block
x-request-id
4fb2328a3347601c6a1332d4cc801fff
17a183ea2f400000695a.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a183ea2f400000695a.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
5200e468e0ee79e62e5bd0cd20bf633ab19fbbbb728dbb690d461afbf9ffef9e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:33:33 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
11223
x-xss-protection
1;mode=block
x-request-id
07a85c91048f9fe8fed40217a5adf2dd
17a183ee00f0000001eb.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a183ee00f0000001eb.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
610db2765a546cd3df8577915e1864fb3d8563083774c6168ef38fbcaade4d10
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:33:49 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
8153
x-xss-protection
1;mode=block
x-request-id
5524830db6019aaff3463f033e9ab0db
17a183f2a6c00000017b.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a183f2a6c00000017b.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
dd1fe4f8a74b8e4e567fd9ada0d5a70b18022de00b536b77a59c4425baf26293
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:34:08 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
11050
x-xss-protection
1;mode=block
x-request-id
019feac385b208c9ae753e6759f11001
17a183f6aa700000a67e.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a183f6aa700000a67e.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
d7bcb7b0529ef5c289a8d8302b60f946370caa9e8c077bc353517668767a5958
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:34:24 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
9118
x-xss-protection
1;mode=block
x-request-id
9c8d6a529f73f66941607320a0f57f6f
17a1843bea60000060ca.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1843bea60000060ca.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
ddb268570d64a641ebb583735c70e62d40a83b000df689a19bd53bf034ede2e6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:39:08 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
10493
x-xss-protection
1;mode=block
x-request-id
698b51b57e14ee0b4ebd043060d1e4f4
17a1844259f000004e62.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1844259f000004e62.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
f2f0360da4f889974f00040b2da4c152456efe290a8d7ec533e9ad8404ac64f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:39:34 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
11251
x-xss-protection
1;mode=block
x-request-id
9bc053db64f448eb181740b981c726e4
17a1844ccac000004b2b.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1844ccac000004b2b.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
3ba185428dae889fa4874cb4985e4e057c69fc55eea670452d9e02a75f11b7d8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:40:17 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
10245
x-xss-protection
1;mode=block
x-request-id
0fee1897cf95c46b7282201952ddecfc
17a18450b9b00000b7c6.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a18450b9b00000b7c6.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
a7ce9a3a3497bd8dfc36ac8f2437b7ed699b3041fed13be80fb0fed3f24716b4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:40:33 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
11158
x-xss-protection
1;mode=block
x-request-id
12fcab71a5cf45070a724ce1fb0a5e9b
17a184557f4000005aec.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a184557f4000005aec.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
ff0014235e8e7f8387c727fc3ad3ca6d75780c07a41ad85efdc005645cb7bc9b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:40:53 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
8753
x-xss-protection
1;mode=block
x-request-id
eec36d733e4d9c46d6a9f970586f5e6e
17a18459bab00000787f.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a18459bab00000787f.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
a06fcec0798cf647e7214434bc14ee170b6bd6c0b123749d1716ca1ae1cf4cf2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:41:10 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
11469
x-xss-protection
1;mode=block
x-request-id
86229b4c57f9e42671fd8e867c87e32e
17a18460cf4000006f8a.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a18460cf4000006f8a.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
d0365d6c9d95c7fc1f71e4d607e55cbb1031662f3870be65a4b40b4bff3449e8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:41:39 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
9838
x-xss-protection
1;mode=block
x-request-id
b2dc520e835fa70113ab1ef5eb4087ad
17a18464655000003336.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a18464655000003336.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
11093965cab85c1e47839623f442f8fd9e9f196f97b4b1b2e9db42a51c3515ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:41:54 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
12341
x-xss-protection
1;mode=block
x-request-id
9807d421c5e98bf30bd96f19e49eb012
17a184684960000029c1.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a184684960000029c1.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
17ed3bb9d1c1bc6107ccd9b77e2afea2adcf57843f1ffe43fab4e7f7138cd356
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:42:10 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
9195
x-xss-protection
1;mode=block
x-request-id
a1f6a0c6874ab26bf5cfeccde4c8a520
17a1846bec200000152a.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1846bec200000152a.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
a27b0d8ced8f1461a7f63953a04e799cd081285b034ae2b2a6470be73b22adaa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:42:25 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
9490
x-xss-protection
1;mode=block
x-request-id
123b294d5c8c352a78f5338713e0a786
17a1848b23600000bda7.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1848b23600000bda7.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
62e30fa31740babccb972d2544d6cf48356ad7d5864229f9d0750d5ae77a3a88
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 04:44:32 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
8325
x-xss-protection
1;mode=block
x-request-id
e98e5291ba25a1516b83f4c9e6115086
17a1892fcec000000cd5.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1892fcec000000cd5.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 06:05:41 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
5387
x-xss-protection
1;mode=block
x-request-id
a1f2deaa2cafcb2dfaf45a47412936a6
17a189494b500000059f.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a189494b500000059f.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 06:07:26 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
5387
x-xss-protection
1;mode=block
x-request-id
495d1ca75b0ee334fc54996679df8588
17a1894d4710000061c3.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1894d4710000061c3.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 06:07:42 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
5387
x-xss-protection
1;mode=block
x-request-id
30784cfcfac148429653500198578486
17a18952a780000037d6.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a18952a780000037d6.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 06:08:04 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
5387
x-xss-protection
1;mode=block
x-request-id
6b8a9694fdfbdbe4b4dd5a1828d7c626
17a1895577d000005f40.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1895577d000005f40.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 06:08:16 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
5387
x-xss-protection
1;mode=block
x-request-id
a833815d83a48b5155b38d32dd016f48
17a1895860d000002d38.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1895860d000002d38.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 06:08:27 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
5387
x-xss-protection
1;mode=block
x-request-id
a1471cbe4e74a69be8da5eabb786bb1e
17a1895c26c0000058a8.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1895c26c0000058a8.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 06:08:43 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
5387
x-xss-protection
1;mode=block
x-request-id
0e2c7f54f6eb10a654c3f750917262fe
17a1895f5ad000009fcd.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1895f5ad000009fcd.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 06:08:56 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
5387
x-xss-protection
1;mode=block
x-request-id
b64af433d1de92a3e003ace9dee851da
17a1896290e000000a8c.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1896290e000000a8c.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 06:09:09 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
5387
x-xss-protection
1;mode=block
x-request-id
a24de12cdf2669e391a8522326cdee3b
17a18965556000004e77.jpg
www.hinet.net/data/upload/election/ Frame 0DBE 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a18965556000004e77.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Thu, 17 Jun 2021 06:09:21 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/jpeg
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
5387
x-xss-protection
1;mode=block
x-request-id
99f0d7db0850d34352501765abf2ff6d
td_js_sdk_171.js
api.popin.cc/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/td_js_sdk_171.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/hinet_times.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:06:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2018 09:42:51 GMT
Server
nginx
ETag
W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status
HIT from 10.252.55.25
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-amz-version-id
null
Expires
Wed, 20 Apr 2022 03:06:51 GMT
recommend
tw.popin.cc/popin_discovery/ 		53 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tw.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&&device=pc&media=times.hinet.net&extra=windows&agency=popin-tw&topn=50&ad=100&r_category=all&country=tw&redirect=true&uid=6d9d3bf415db68aa9011650420410716&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTAwLjAuNDg5NiIsInVzZXJfdGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidXNlcl90ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDAuMC40ODk2Ljc1IFNhZmFyaS81MzcuMzYiLCJ1c2VyX3RkX3JlZmVycmVyIjoiIiwidXNlcl90ZF9wYXRoIjoiL25ld3MvMjM4Njk1MzMiLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiJUU2JTk3JUE1JUU1JTlDJTkzJUU1JThDJUFGJUU3JThFJTg3JUU1JUE0JUE3JUU4JUI3JUIzJUU2JUIwJUI0JUU5JUE5JTlBJUU4JUE2JThCMC4yMzE1JUU1JTg1JTgzJTIwJUU1JTg2JThEJUU2JThFJUEyJUU4JUJGJTkxMjUlRTUlQjklQjQlRTYlOTYlQjAlRTQlQkQlOEUtJUU4JUIyJUExJUU3JUI2JTkzLUhpTmV0JUU3JTk0JTlGJUU2JUI0JUJCJUU4JUFBJThDIiwidXNlcl90ZF91cmwiOiJodHRwczovL3RpbWVzLmhpbmV0Lm5ldC9uZXdzLzIzODY5NTMzIiwidXNlcl90ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInVzZXJfdGRfaG9zdCI6InRpbWVzLmhpbmV0Lm5ldCIsInVzZXJfZGV2aWNlIjoicGMiLCJ1c2VyX3RpbWUiOjE2NTA0MjA0MTA3MTgsImZydWl0X2JveF9wb3NpdGlvbiI6IiIsImZydWl0X3N0eWxlIjoiIn0=&alg=ltr&callback=_p6_961ad83b2d16
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/hinet_times.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
4002ce2efa20d093b1d700a97001f3071d9480d2ba56ba56350db172dbcd7c25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
content-encoding
gzip
cross-origin-resource-policy
cross-origin
server
nginx/1.13.5
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
popin_discovery5-min.js
api.popin.cc/ 		154 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/popin_discovery5-min.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/hinet_times.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
aaf58fe585cbcc76094d23707910520dc7e2e9130342905aff91c58cd462c2fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:06:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Apr 2022 08:36:23 GMT
Server
nginx
ETag
W/"9267ef3f59cd4d8de5ccc52b18079758"
X-Cache-Status
HIT from 10.252.55.44
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-amz-version-id
sVvalQm6suT60X6sTlpcRHr4race4PAb
Expires
Wed, 20 Apr 2022 03:06:51 GMT
gtm.js
www.googletagmanager.com/ Frame 10DB 		88 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TXVNLXL
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
763bb2c0bde38ed51a85e774c4d38ade02cc9f0d65e39ca1ece77a589e86646c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34838
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Apr 2022 02:06:51 GMT
dms.js
fino.svc.litv.tv/acs/ Frame 10DB 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fino.svc.litv.tv/acs/dms.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-9.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5b27c9c7226962d8841824af1929aa5d512c99c91f25eb84512be917e897e93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
2DHBAE_mtD6o2PKYw8R0BKU9ykPtbN4.
content-encoding
gzip
last-modified
Mon, 27 Dec 2021 04:39:13 GMT
server
AmazonS3
age
75985
etag
W/"bf0b1d2c0f302f8820abdbfe331bc5d6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 47755cdb8b36419a04f12ee3c24f7fae.cloudfront.net (CloudFront)
date
Tue, 19 Apr 2022 05:00:27 GMT
x-amz-cf-pop
MUC50-P1
x-amz-cf-id
1FA5YspNGIAphnuJbyah59N_EWDixi2ktGXJEnk7wKx3U7kWmULnZQ==
cookie.js
partner.googleadservices.com/gampad/ Frame 4C76 		213 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=times.hinet.net&callback=_gfp_s_&client=ca-pub-4457659720163747&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
98da90ff6e70a33b2d7d484e6c08b970f621938106a10fb5a2d3bce7bc501180
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
200
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 4C76 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:06:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4C76 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:06:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C76 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&tn=DIV&id=goTop&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 7C4A 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&adk=1812271804&adf=3407277731&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410249&bpp=3&bdt=747&idt=533&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&nras=1&correlator=7627605533712&frm=23&ife=4&pv=2&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.886dxwl8r4mt&btvi=1&fsb=1&dtd=585
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:06:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sync
taboola-supply-partners.tremorhub.com/ Frame A770 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66533115&crid=6438155&dast=V7DRoCFgNtpPJ1wQcE2gRtpPJ1wQcE2gUAAAAGBvQHGsWZsWa85WoxmwxWw9FusZiNhrvlaDYawkZxZqwZb7lazCaD1XC0GywGu9FqN5nMhlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73lCCptPhc93rRU-3y3MXOu0u013uMv3lLt_nL9kMZ8vVZjMHAAAAgAcAsZ4FiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIXccA0AKA6DdtpNLrs_AAAeHkAAAAQwSAAO1J9KAFxexk8AAAAAAAAAAFj-____YwbubfZlBvw5vnoAHnwAHogKEIsYAQAAAARvOCgcTeqEyqIKAIAg3QrgCgAgAJAI11w5DAAAQEBMqX4juwQAS3ZsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCUX1xKUFPczMqP0CAgCs_QICALCpGwDAmwBcyJWg6XT4XPd60dPt8tyFTrvLdJe7TH-5y_f5SzbD2XK12YwuAFYXELMDAAAAuPv____HU6rfyC4BwJLVA6nlaLAabSwT53I5Wm42s5FnshsuTBvbymPxeCzbw7FNoElOt9brCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIkwvfwjXzbNaSjWW1Fo0mi7XENpitZQ6Lx7RwrByO3WIten1Mz9VwZtgMtygYMLIXwUU60TzMLs_N8rebni7LW-i0u0wXsURzskgnssu-tRwNVqONZeJcLkfLzWY28kx2w4VpY1t5LB6PZd9c-BaumWezlmwsq7VoNFmsJbbBbC1zWDymhWPlcOwWa9HrY3quhjPDZrhvzFaD0WQwGgz3jdlqMJoMRoPlvkNn-K4-Z6N6u9Z6bE6_NNu12BwGhctg8f4kpsW0OzuYTr6jU-eQLos6o-_6PXoNCs_BY5ooU2KdtS8TFpNXheNgUMQSwekinYhextNFLJE8LdKJamJbrBYWl81i2Zhcpt1qNPFsZjbPwmSyrRa73UQsUZou0ole7vJ9_pLNcLZcbTYT9R8ZYrmZS3ZzxWiuGKwSAAAAAAAAAMAS5sybAAAAAJwGtRjuNqvlAlTsOekCgwAAAAAAAOyqSIVbmEO53hQ3fjwxD7PLc7P87aany_IWOu0u05UBJszWmDd7Joi1Wi1rAAAAAWwAAIAAbt28BZxXcg!&cmcv=&pix=undefined&cb=1650420410509&uv=3165&tms=1650420410509&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!Noapp22_vB!pblc_vE!spa2_vA!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=E3F5F795162058471164879464&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:5e70:34f8:9284:341c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame A770 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66533115&crid=6438155&dast=V7DRoCFgNtpPJ1wQcE2gRtpPJ1wQcE2gUAAAAGBvQHGsWZsWa85WoxmwxWw9FusZiNhrvlaDYawkZxZqwZb7lazCaD1XC0GywGu9FqN5nMhlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73lCCptPhc93rRU-3y3MXOu0u013uMv3lLt_nL9kMZ8vVZjMHAAAAgAcAsZ4FiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIXccA0AKA6DdtpNLrs_AAAeHkAAAAQwSAAO1J9KAFxexk8AAAAAAAAAAFj-____YwbubfZlBvw5vnoAHnwAHogKEIsYAQAAAARvOCgcTeqEyqIKAIAg3QrgCgAgAJAI11w5DAAAQEBMqX4juwQAS3ZsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCUX1xKUFPczMqP0CAgCs_QICALCpGwDAmwBcyJWg6XT4XPd60dPt8tyFTrvLdJe7TH-5y_f5SzbD2XK12YwuAFYXELMDAAAAuPv____HU6rfyC4BwJLVA6nlaLAabSwT53I5Wm42s5FnshsuTBvbymPxeCzbw7FNoElOt9brCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIkwvfwjXzbNaSjWW1Fo0mi7XENpitZQ6Lx7RwrByO3WIten1Mz9VwZtgMtygYMLIXwUU60TzMLs_N8rebni7LW-i0u0wXsURzskgnssu-tRwNVqONZeJcLkfLzWY28kx2w4VpY1t5LB6PZd9c-BaumWezlmwsq7VoNFmsJbbBbC1zWDymhWPlcOwWa9HrY3quhjPDZrhvzFaD0WQwGgz3jdlqMJoMRoPlvkNn-K4-Z6N6u9Z6bE6_NNu12BwGhctg8f4kpsW0OzuYTr6jU-eQLos6o-_6PXoNCs_BY5ooU2KdtS8TFpNXheNgUMQSwekinYhextNFLJE8LdKJamJbrBYWl81i2Zhcpt1qNPFsZjbPwmSyrRa73UQsUZou0ole7vJ9_pLNcLZcbTYT9R8ZYrmZS3ZzxWiuGKwSAAAAAAAAAMAS5sybAAAAAJwGtRjuNqvlAlTsOekCgwAAAAAAAOyqSIVbmEO53hQ3fjwxD7PLc7P87aany_IWOu0u05UBJszWmDd7Joi1Wi1rAAAAAWwAAIAAbt28BZxXcg!&cmcv=&pix=undefined&cb=1650420410509&uv=3165&tms=1650420410509&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!Noapp22_vB!pblc_vE!spa2_vA!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=E3F5F795162058471164879464&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame A770
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=8b3f0905-c04e-11ec-8bc0-19da87bf0206&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=8b3f0905-c04e-11ec-8bc0-19da87bf0206&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66533115&crid=6438155&dast=V7DRoCFgNtpPJ1wQcE2gRtpPJ1wQcE2gUAAAAGBvQHGsWZsWa85WoxmwxWw9FusZiNhrvlaDYawkZxZqwZb7lazCaD1XC0GywGu9FqN5nMhlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73lCCptPhc93rRU-3y3MXOu0u013uMv3lLt_nL9kMZ8vVZjMHAAAAgAcAsZ4FiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIXccA0AKA6DdtpNLrs_AAAeHkAAAAQwSAAO1J9KAFxexk8AAAAAAAAAAFj-____YwbubfZlBvw5vnoAHnwAHogKEIsYAQAAAARvOCgcTeqEyqIKAIAg3QrgCgAgAJAI11w5DAAAQEBMqX4juwQAS3ZsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCUX1xKUFPczMqP0CAgCs_QICALCpGwDAmwBcyJWg6XT4XPd60dPt8tyFTrvLdJe7TH-5y_f5SzbD2XK12YwuAFYXELMDAAAAuPv____HU6rfyC4BwJLVA6nlaLAabSwT53I5Wm42s5FnshsuTBvbymPxeCzbw7FNoElOt9brCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIkwvfwjXzbNaSjWW1Fo0mi7XENpitZQ6Lx7RwrByO3WIten1Mz9VwZtgMtygYMLIXwUU60TzMLs_N8rebni7LW-i0u0wXsURzskgnssu-tRwNVqONZeJcLkfLzWY28kx2w4VpY1t5LB6PZd9c-BaumWezlmwsq7VoNFmsJbbBbC1zWDymhWPlcOwWa9HrY3quhjPDZrhvzFaD0WQwGgz3jdlqMJoMRoPlvkNn-K4-Z6N6u9Z6bE6_NNu12BwGhctg8f4kpsW0OzuYTr6jU-eQLos6o-_6PXoNCs_BY5ooU2KdtS8TFpNXheNgUMQSwekinYhextNFLJE8LdKJamJbrBYWl81i2Zhcpt1qNPFsZjbPwmSyrRa73UQsUZou0ole7vJ9_pLNcLZcbTYT9R8ZYrmZS3ZzxWiuGKwSAAAAAAAAAMAS5sybAAAAAJwGtRjuNqvlAlTsOekCgwAAAAAAAOyqSIVbmEO53hQ3fjwxD7PLc7P87aany_IWOu0u05UBJszWmDd7Joi1Wi1rAAAAAWwAAIAAbt28BZxXcg!&cmcv=&pix=undefined&cb=1650420410509&uv=3165&tms=1650420410509&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!Noapp22_vB!pblc_vE!spa2_vA!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=E3F5F795162058471164879464&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13193

Redirect headers

Date
Wed, 20 Apr 2022 02:06:51 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=8b3f0905-c04e-11ec-8bc0-19da87bf0206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
52
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/ Frame EF3F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7DRoCFgNtpPJ1wQcE2gRtpPJ1wQcE2gUAAAAGBvQHGsWZsWa85WoxmwxWw9FusZiNhrvlaDYawkZxZqwZb7lazCaD1XC0GywGu9FqN5nMhlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73lCCptPhc93rRU-3y3MXOu0u013uMv3lLt_nL9kMZ8vVZjMHAAAAgAcAsZ4FiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIXccA0AKA6DdtpNLrs_AAAeHkAAAAQwSAAO1J9KAFxexk8AAAAAAAAAAFj-____YwbubfZlBvw5vnoAHnwAHogKEIsYAQAAAARvOCgcTeqEyqIKAIAg3QrgCgAgAJAI11w5DAAAQEBMqX4juwQAS3ZsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCUX1xKUFPczMqP0CAgCs_QICALCpGwDAmwBcyJWg6XT4XPd60dPt8tyFTrvLdJe7TH-5y_f5SzbD2XK12YwuAFYXELMDAAAAuPv____HU6rfyC4BwJLVA6nlaLAabSwT53I5Wm42s5FnshsuTBvbymPxeCzbw7FNoElOt9brCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIkwvfwjXzbNaSjWW1Fo0mi7XENpitZQ6Lx7RwrByO3WIten1Mz9VwZtgMtygYMLIXwUU60TzMLs_N8rebni7LW-i0u0wXsURzskgnssu-tRwNVqONZeJcLkfLzWY28kx2w4VpY1t5LB6PZd9c-BaumWezlmwsq7VoNFmsJbbBbC1zWDymhWPlcOwWa9HrY3quhjPDZrhvzFaD0WQwGgz3jdlqMJoMRoPlvkNn-K4-Z6N6u9Z6bE6_NNu12BwGhctg8f4kpsW0OzuYTr6jU-eQLos6o-_6PXoNCs_BY5ooU2KdtS8TFpNXheNgUMQSwekinYhextNFLJE8LdKJamJbrBYWl81i2Zhcpt1qNPFsZjbPwmSyrRa73UQsUZou0ole7vJ9_pLNcLZcbTYT9R8ZYrmZS3ZzxWiuGKwSAAAAAAAAAMAS5sybAAAAAJwGtRjuNqvlAlTsOekCgwAAAAAAAOyqSIVbmEO53hQ3fjwxD7PLc7P87aany_IWOu0u05UBJszWmDd7Joi1Wi1rAAAAAWwAAIAAbt28BZxXcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame EF3F 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7DRoCFgNtpPJ1wQcE2gRtpPJ1wQcE2gUAAAAGBvQHGsWZsWa85WoxmwxWw9FusZiNhrvlaDYawkZxZqwZb7lazCaD1XC0GywGu9FqN5nMhlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73lCCptPhc93rRU-3y3MXOu0u013uMv3lLt_nL9kMZ8vVZjMHAAAAgAcAsZ4FiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIXccA0AKA6DdtpNLrs_AAAeHkAAAAQwSAAO1J9KAFxexk8AAAAAAAAAAFj-____YwbubfZlBvw5vnoAHnwAHogKEIsYAQAAAARvOCgcTeqEyqIKAIAg3QrgCgAgAJAI11w5DAAAQEBMqX4juwQAS3ZsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCUX1xKUFPczMqP0CAgCs_QICALCpGwDAmwBcyJWg6XT4XPd60dPt8tyFTrvLdJe7TH-5y_f5SzbD2XK12YwuAFYXELMDAAAAuPv____HU6rfyC4BwJLVA6nlaLAabSwT53I5Wm42s5FnshsuTBvbymPxeCzbw7FNoElOt9brCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIkwvfwjXzbNaSjWW1Fo0mi7XENpitZQ6Lx7RwrByO3WIten1Mz9VwZtgMtygYMLIXwUU60TzMLs_N8rebni7LW-i0u0wXsURzskgnssu-tRwNVqONZeJcLkfLzWY28kx2w4VpY1t5LB6PZd9c-BaumWezlmwsq7VoNFmsJbbBbC1zWDymhWPlcOwWa9HrY3quhjPDZrhvzFaD0WQwGgz3jdlqMJoMRoPlvkNn-K4-Z6N6u9Z6bE6_NNu12BwGhctg8f4kpsW0OzuYTr6jU-eQLos6o-_6PXoNCs_BY5ooU2KdtS8TFpNXheNgUMQSwekinYhextNFLJE8LdKJamJbrBYWl81i2Zhcpt1qNPFsZjbPwmSyrRa73UQsUZou0ole7vJ9_pLNcLZcbTYT9R8ZYrmZS3ZzxWiuGKwSAAAAAAAAAMAS5sybAAAAAJwGtRjuNqvlAlTsOekCgwAAAAAAAOyqSIVbmEO53hQ3fjwxD7PLc7P87aany_IWOu0u05UBJszWmDd7Joi1Wi1rAAAAAWwAAIAAbt28BZxXcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:5e70:34f8:9284:341c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame EF3F
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=8b3f0905-c04e-11ec-8bc0-19da87bf0206&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=8b3f0905-c04e-11ec-8bc0-19da87bf0206&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7DRoCFgNtpPJ1wQcE2gRtpPJ1wQcE2gUAAAAGBvQHGsWZsWa85WoxmwxWw9FusZiNhrvlaDYawkZxZqwZb7lazCaD1XC0GywGu9FqN5nMhlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73lCCptPhc93rRU-3y3MXOu0u013uMv3lLt_nL9kMZ8vVZjMHAAAAgAcAsZ4FiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIXccA0AKA6DdtpNLrs_AAAeHkAAAAQwSAAO1J9KAFxexk8AAAAAAAAAAFj-____YwbubfZlBvw5vnoAHnwAHogKEIsYAQAAAARvOCgcTeqEyqIKAIAg3QrgCgAgAJAI11w5DAAAQEBMqX4juwQAS3ZsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCUX1xKUFPczMqP0CAgCs_QICALCpGwDAmwBcyJWg6XT4XPd60dPt8tyFTrvLdJe7TH-5y_f5SzbD2XK12YwuAFYXELMDAAAAuPv____HU6rfyC4BwJLVA6nlaLAabSwT53I5Wm42s5FnshsuTBvbymPxeCzbw7FNoElOt9brCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIkwvfwjXzbNaSjWW1Fo0mi7XENpitZQ6Lx7RwrByO3WIten1Mz9VwZtgMtygYMLIXwUU60TzMLs_N8rebni7LW-i0u0wXsURzskgnssu-tRwNVqONZeJcLkfLzWY28kx2w4VpY1t5LB6PZd9c-BaumWezlmwsq7VoNFmsJbbBbC1zWDymhWPlcOwWa9HrY3quhjPDZrhvzFaD0WQwGgz3jdlqMJoMRoPlvkNn-K4-Z6N6u9Z6bE6_NNu12BwGhctg8f4kpsW0OzuYTr6jU-eQLos6o-_6PXoNCs_BY5ooU2KdtS8TFpNXheNgUMQSwekinYhextNFLJE8LdKJamJbrBYWl81i2Zhcpt1qNPFsZjbPwmSyrRa73UQsUZou0ole7vJ9_pLNcLZcbTYT9R8ZYrmZS3ZzxWiuGKwSAAAAAAAAAMAS5sybAAAAAJwGtRjuNqvlAlTsOekCgwAAAAAAAOyqSIVbmEO53hQ3fjwxD7PLc7P87aany_IWOu0u05UBJszWmDd7Joi1Wi1rAAAAAWwAAIAAbt28BZxXcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13193

Redirect headers

Date
Wed, 20 Apr 2022 02:06:51 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=8b3f0905-c04e-11ec-8bc0-19da87bf0206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
82
Connection
keep-alive
Content-Length
0
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220417-11_b2-PR-43648-DEV-109130-add-taboola-push-api-to-force-trc_-params-into-json-call-104bbd149d4-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
Q93sCEWoqxiO0LdTLulEOAOmIgRcHF1L
content-encoding
gzip
etag
"8cbcf8a5c724c32aa9be09d14a4c624d"
age
1008
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
923
x-amz-id-2
bPQRnpWRawj32ZlMwlSekoJqHRmzBHxyIDIGRRv7irz69boehQ7MIteTxFp5zJzL1udNsm8DkKU=
x-served-by
cache-cdg20773-CDG
last-modified
Tue, 05 Apr 2022 10:34:30 GMT
server
AmazonS3
x-timer
S1650420412.588462,VS0,VE0
date
Wed, 20 Apr 2022 02:06:51 GMT
vary
Accept-Encoding
x-amz-request-id
68HX88K4ZAP9ADP4
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
37
x-cache-hits
151
eid.js
cdn.taboola.com/scripts/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220417-11_b2-PR-43648-DEV-109130-add-taboola-push-api-to-force-trc_-params-into-json-call-104bbd149d4-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b0b5da7e151ac3827a6b8f13fd19967fd4404ae45fa3eaca80adeabf35808c9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
53OKvw2BQarIq1DW0RF8XLcp_dkKr3oX
content-encoding
gzip
etag
"4574ed3f43bc468d4dc39dc39e86297d"
age
5420
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5298
x-amz-id-2
u23NOLD4ro3UMIAM2XtJZA21u12X/fFPLwEILQnF2sL++1ofdsu/AW8ZTJv9wKjupeT8pWVoojE=
x-served-by
cache-cdg20773-CDG
last-modified
Tue, 05 Apr 2022 10:34:31 GMT
server
AmazonS3
x-timer
S1650420412.588544,VS0,VE0
date
Wed, 20 Apr 2022 02:06:51 GMT
vary
Accept-Encoding
x-amz-request-id
VS9ZRS5PP3XNEMC9
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
37
x-cache-hits
748
ads
googleads.g.doubleclick.net/pagead/ Frame EF1B 		78 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410252&bpp=2&bdt=750&idt=619&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1830&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.irexm87b3t4q&btvi=2&fsb=1&dtd=668
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
692bb2ef06437e49aaf898763c541af084f005d4f195e3ea09d51b8b23d7115b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
32217
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:06:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
puid
pusti.svc.litv.tv/ Frame 10DB 		83 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pusti.svc.litv.tv/puid
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.74.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.74.96.34.bc.googleusercontent.com
Software
/
Resource Hash
7da67f434f4b1c7588e36678a93eb406365ebc7327fbdde63e8a33fd80e1c9b5

Request headers

Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
via
1.1 google
access-control-allow-headers
Content-Type
access-control-max-age
60
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-store, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83
puid
pusti.svc.litv.tv/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pusti.svc.litv.tv/puid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.74.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.74.96.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://player.svc.litv.tv
access-control-max-age
60
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 20 Apr 2022 02:06:51 GMT
via
1.1 google
collect
www.google-analytics.com/j/ Frame 5B0B 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=645892776&t=pageview&_s=1&dl=https%3A%2F%2Ftimes.hinet.net%2Fhinetlife2%2Findex.html&dp=%2Fliferight&ul=en-us&de=UTF-8&dt=React%20Webpack%20Template&sd=24-bit&sr=1600x1200&vp=300x350&je=0&_u=AACAAEABAAAAAC~&jid=&gjid=&cid=1746851889.1650420409&tid=UA-131110623-1&_gid=313115528.1650420409&_slc=1&z=83898789
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
avs
adsv.svc.litv.tv/ Frame 10DB 		2 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsv.svc.litv.tv/avs
Requested by
Host: fino.svc.litv.tv
URL: https://fino.svc.litv.tv/acs/dms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.234.181 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
181.234.117.34.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 20 Apr 2022 02:06:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
vary
Origin
content-type
application/json
rts.html
fino.svc.litv.tv/acs/ Frame D952 		1 KB
959 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fino.svc.litv.tv/acs/rts.html
Requested by
Host: fino.svc.litv.tv
URL: https://fino.svc.litv.tv/acs/dms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-9.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10950392ef7cc3380276a6f24fd45d911654fda2ad06a698fa5ff6aba3f7b538

Request headers

Referer
https://player.svc.litv.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1066
content-encoding
gzip
content-type
text/html
date
Wed, 20 Apr 2022 02:06:51 GMT
etag
W/"60d8c5105468ea9606d0fd55ec5c0470"
last-modified
Wed, 22 Dec 2021 06:58:34 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 47755cdb8b36419a04f12ee3c24f7fae.cloudfront.net (CloudFront)
x-amz-cf-id
4yIy4TgMYVYUqjHSG35mcnO2pC-fgjz1_K4yWMerTxfkfNTAV5jzxQ==
x-amz-cf-pop
MUC50-P1
x-amz-version-id
t0fwBPeKC.X5zy_vnCVz9OXdRe3474cK
x-cache
Hit from cloudfront
js
www.googletagmanager.com/gtag/ Frame 10DB 		98 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-138079999-6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59507085-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d7d42b6d1b61bf5da707978ff08a2796bc2b1032ed4494eb1694ca309814d6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38726
x-xss-protection
0
expires
Wed, 20 Apr 2022 02:06:51 GMT
js
www.googletagmanager.com/gtag/ Frame 10DB 		179 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JRLWM3RJSP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59507085-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1dfe43e4b3e9a7209802cfffb6d1c4d20e4622b45b4c64d5140bd46b5adf4aee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67494
x-xss-protection
0
expires
Wed, 20 Apr 2022 02:06:51 GMT
ytc.js
s.yimg.com/wi/ Frame 10DB 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 20 Apr 2022 01:30:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2206
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5748
x-amz-id-2
sq8piDXuIBMy10ATIrYmXrVz8vMQAc8DyHxlLiXtryZXP1aont+VFAQqdn7t5PsdJbrfqpGl5F0=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 17 Jan 2022 12:00:39 GMT
server
ATS
etag
"13a189bb8f25228852b3279db3659c28-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
P67H6GXN445842MS
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
accept-ranges
bytes
content-type
application/javascript
lightintegration.js
redir.adap.tv/redir/javascript/ Frame 10DB 		31 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://redir.adap.tv/redir/javascript/lightintegration.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXVNLXL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.28 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lha/8D0D) /
Resource Hash
1e15f65bcef05f2ea9f54e051da9bf7e6fc9eb00a669905c9ed33f4fd7ba26f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
nel
{"report_to": "default", "max_age": 86400, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.001}
age
526993
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
31633
x-amz-id-2
5Yru9p942M6mXEVvUDPdHipBpUE1JxoQVB5A+xry3g1IRfoWs0ykEMfQIe3kTjNLnsMA8bh/sDw=
last-modified
Wed, 13 Sep 2017 23:08:44 GMT
server
ECAcc (lha/8D0D)
x-amz-meta-s3cmd-attrs
uid:1000/gname:adaptv/uname:adaptv/gid:1000/mode:33188/mtime:1505344053/atime:1505344249/md5:1de3d0b5f3cbe8b1e87e274f129ac0e7/ctime:1505344249
etag
"1de3d0b5f3cbe8b1e87e274f129ac0e7"
report-to
{"group": "default", "max_age":86400, "endpoints":[{"url":"https://report.edgecast.com/","priority":1 }, {"url":"https://nelcollector.sre.ecsvc.net/report","priority":2 }]}
content-type
text/plain
x-amz-version-id
XGOCJEPvmrIOhn2ZV_.qAlIiRmN7Rqa0
accept-ranges
bytes
x-amz-request-id
8KYH1S26AZ8FNEBQ
/
pips.taboola.com/ 		64 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
a49d62ebf2f107714863bfd0fe4701e58f85d88b44d873845daa3720e33fa177

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-mxp6980-MXP
access-control-allow-methods
GET
access-control-allow-origin
https://times.hinet.net
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
t.ssp.hinet.net/ Frame 10DB 		36 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
fba9fcae554e343c051c331471b0f36b3ba4a094268562b8d24872835b096b37
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
rts.js
fino.svc.litv.tv/acs/ Frame D952 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fino.svc.litv.tv/acs/rts.js
Requested by
Host: fino.svc.litv.tv
URL: https://fino.svc.litv.tv/acs/rts.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-9.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
075a0f9a749139c00cc268f9a40bb98bb3075c3f7132a10cbfffbc29a84479b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fino.svc.litv.tv/acs/rts.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
_YmIpIEzJ0_ME_CgTJS8ruTsZLn1vPSY
content-encoding
gzip
last-modified
Mon, 15 Nov 2021 06:00:23 GMT
server
AmazonS3
age
82743
etag
W/"7025c203af697a3e1a3d7e9b00c6a4bb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 47755cdb8b36419a04f12ee3c24f7fae.cloudfront.net (CloudFront)
date
Tue, 19 Apr 2022 03:07:49 GMT
x-amz-cf-pop
MUC50-P1
x-amz-cf-id
iIWlujzv3SBdfHFAD1bW9hdDH1DbFFw74B9pNX0Q8tl4Nv5B-4t4Sg==
fbevents.js
connect.facebook.net/en_US/ Frame D952 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fino.svc.litv.tv
URL: https://fino.svc.litv.tv/acs/rts.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fino.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
W8QxwF5qn0/tCoTxrQsiOiyYo68mlVXQBVPnj6JWPvnCNCgymzVyTQ7TX2Z+XbCkX8ZYg9R3mTdnGFifrJ4Omw==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 20 Apr 2022 02:06:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 10DB 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-138079999-6&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6580
date
Wed, 20 Apr 2022 00:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 20 Apr 2022 02:17:11 GMT
rts
adsv.svc.litv.tv/ Frame D952 		2 B
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsv.svc.litv.tv/rts
Requested by
Host: fino.svc.litv.tv
URL: https://fino.svc.litv.tv/acs/rts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.234.181 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
181.234.117.34.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fino.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 20 Apr 2022 02:06:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
vary
Origin
content-type
application/json
/
cds.taboola.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=9a7a5f33-2c25-4421-b606-fabc4a1ea171-tuct958f038&uad=b4681e73af9b8ed1bf04b039b216ebd36925062b44a5c0f4ba7b153ea4fc843b
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 20 Apr 2022 02:06:52 GMT
Cache-Control
no-store
Server
nginx
Connection
close
gtm.js
www.googletagmanager.com/ Frame 0DBE 		109 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P88FR8
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3eb9e7799c523681ba73fdd0f9f4878a7772ad85d856ae52423c26964c0eb27a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41717
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Apr 2022 02:06:51 GMT
play_icon.png
www.hinet.net/resources/freevideo/img/ Frame 0DBE 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/resources/freevideo/img/play_icon.png
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/resources/freevideo/css/video_m.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:b000:590::1 , Taiwan, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2203 /
Resource Hash
53a1a3d6c5bd947c6eee0a398e3d0ca97da62e9b6810519bb2940b9c435d1aa2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/resources/freevideo/css/video_m.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nonsniff
last-modified
Mon, 13 Sep 2021 08:51:46 GMT
server
HiNetCDN/2203
x-frame-options
ALLOW-FROM https://times.hinet.net
x-cache
HIT
content-type
image/png
cache-control
no-cache
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
strict-transport-security
max-age=31536000;includeSubdomains;preload
accept-ranges
bytes
vary
User-Agent
content-length
35007
x-xss-protection
1;mode=block
x-request-id
5418f22a5ce99d59c7f1adc35680f6a1
cookie
ads.adaptv.advertising.com/ Frame 10DB 		0
366 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/cookie?pageUrl=https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=&isTop=false&callback=1
Requested by
Host: redir.adap.tv
URL: https://redir.adap.tv/redir/javascript/lightintegration.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.136.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-136-79.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

server
adaptv/1.0
Connection
keep-alive
Content-Length
0
content-type
text/html
9808485057489917357
tpc.googlesyndication.com/simgad/ Frame EF1B 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9808485057489917357?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmWvZK91sbVJSsR1_ZVsq591A_qzA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410252&bpp=2&bdt=750&idt=619&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1830&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.irexm87b3t4q&btvi=2&fsb=1&dtd=668
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
181f3f99fc38af603b04a7e9ff1e1b9f55322718f577df2cb6ba0dfda8caf792
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 15:03:31 GMT
x-content-type-options
nosniff
age
471800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57295
x-xss-protection
0
last-modified
Wed, 06 Apr 2022 09:33:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 14 Apr 2023 15:03:31 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/ Frame EF1B 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410252&bpp=2&bdt=750&idt=619&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1830&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.irexm87b3t4q&btvi=2&fsb=1&dtd=668
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 15:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36914
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 May 2022 15:51:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame EF1B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410252&bpp=2&bdt=750&idt=619&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1830&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.irexm87b3t4q&btvi=2&fsb=1&dtd=668
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 15:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36754
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 May 2022 15:54:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EF1B 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410252&bpp=2&bdt=750&idt=619&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1830&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.irexm87b3t4q&btvi=2&fsb=1&dtd=668
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650281421154365"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:06:51 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame EF1B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410252&bpp=2&bdt=750&idt=619&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1830&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.irexm87b3t4q&btvi=2&fsb=1&dtd=668
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6421
x-xss-protection
0
server
cafe
etag
15269590465493672714
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 May 2022 02:04:58 GMT
l
www.google.com/ads/measurement/ Frame EF1B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRPCXhOaEg1M25xYd_EvOoVfd-75jb9RYJ_R6ndoFEvBUxr1ibcZ9oHfMkIDQSTFZycEeSmfuXO1dBMV_TT8m3Kvoa9bA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410252&bpp=2&bdt=750&idt=619&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1830&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.irexm87b3t4q&btvi=2&fsb=1&dtd=668
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame EF1B 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410252&bpp=2&bdt=750&idt=619&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1830&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.irexm87b3t4q&btvi=2&fsb=1&dtd=668
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
331526c14b60a755fe5aa879555bc51e4d8d2f65b113125cd177e685295317ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 16:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34383
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12178
x-xss-protection
0
server
cafe
etag
6984148462797973189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 May 2022 16:33:48 GMT
ppnif.html
player.svc.litv.tv/v3/ Frame 9DEF 		933 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/resources/freevideo/js/jquery-3.5.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4867d78d8cf2d27090f436525403b30019c5b9c6808f8c070e9aefd14d0de94c

Request headers

Referer
https://www.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
64106
content-length
933
content-type
text/html
date
Tue, 19 Apr 2022 08:18:26 GMT
etag
"caf8fef87489e046b536046382e0765f"
last-modified
Tue, 19 Apr 2022 08:14:12 GMT
server
AmazonS3
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-id
V1Ti_7hW-2CS6t2vAYJr7TGdDb7Hx9E_npjyhzoYA6Wl7Z4dg2APlA==
x-amz-cf-pop
FRA50-C1
x-amz-version-id
jOva7_UtmB_uvFYBZcGaaNa3gi8yztzf
x-cache
Hit from cloudfront
json
ssp.hinet.net/api/web/request/ Frame 0DBE 		610 B
782 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017023&s=201702000019&callback=jQuery3500519290355811934_1650420411145&_=1650420411146
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/resources/freevideo/js/jquery-3.5.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
b489577dce67dfb05d32019964f46c4c2a8bbda3ae6ad8543131e21ac8347d54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.hinet.net
date
Wed, 20 Apr 2022 02:06:52 GMT
access-control-allow-credentials
true
server
nginx
content-length
610
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
json
ssp.hinet.net/api/web/request/ Frame 0DBE 		590 B
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017023&s=201702000020&callback=jQuery3500519290355811934_1650420411147&_=1650420411148
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/resources/freevideo/js/jquery-3.5.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
303eeac2d4c57de43238af79e155db4a3d855f8d1b6296cc6811de5a857fe236

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.hinet.net
date
Wed, 20 Apr 2022 02:06:52 GMT
access-control-allow-credentials
true
server
nginx
content-length
590
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
adview
googleads.g.doubleclick.net/pagead/ Frame EF1B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C3wtMu2pfYofhJdSt9u8P-uqq8Aar9bXUadmogom-D7_hHhABIMq-_CZgleKQgqAHoAGcr_uoAsgBAqgDAcgDyQSqBNoBT9CNQOXe3-FALcsICBHVt3oC-zBy7m-5pJjOMMBy7Fx5O4Hb3F_jFJ-8Bv0wUk3gbZGFHTDtcLPttAYJ7vHVNUEfMAf6hiQ3xFwVjGDFg-S70Mpf416_pXs1gJOOIZ54aZLYkIti2EDlV0a_r8gkn1sxzZQjtsPstkuLoMyxn_-eWxVW16awfCiq41pd9-EH1-luD_YKnimbCluH3BxMn1YQ_NW0oXn3rtyUcvKZfO-oN3sNnVH7HPaUibuk4DFeofqkzLZ4jYV7doYCSjUCI9tKfMn28aNP3nrABNCI_Y6OBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfM0ITXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKiNDdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi00NDU3NjU5NzIwMTYzNzQ3GAA&sigh=sG9lVydUskU&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410252&bpp=2&bdt=750&idt=619&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1830&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.irexm87b3t4q&btvi=2&fsb=1&dtd=668
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410252&bpp=2&bdt=750&idt=619&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1830&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.irexm87b3t4q&btvi=2&fsb=1&dtd=668
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 20 Apr 2022 02:06:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
10114832.json
s.yimg.com/wi/config/ Frame 10DB 		46 B
680 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10114832.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
480d5b26935e27640c98365cfc7bd4a663c82d2affb64ffae8a4bf9b01b5e9fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 20:48:29 GMT
x-content-type-options
nosniff
age
19104
x-amz-server-side-encryption
AES256
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
SYYST3NSM71ZR9MD
x-amz-id-2
p3ZEtMiwDP7+fDl7Pwt1AXU3hT1vbfRnDeuN6vjiC8CanfQ4/yNASGX4rnc+iQzAaoWBo3nswmE=
accept-ranges
bytes
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sun, 07 May 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Fri, 01 Apr 2022 21:50:20 GMT
server
ATS
etag
"31991d36d356e76ae58f243f53479582"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
x-amz-version-id
LFheN9jReXK1DR2ArxDz7ZU1RNsU84u3
access-control-allow-origin
*
x-xss-protection
1; mode=block
content-length
46
content-type
application/json
/
t.ssp.hinet.net/ Frame 0DBE 		36 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
fba9fcae554e343c051c331471b0f36b3ba4a094268562b8d24872835b096b37
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.hinet.net
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
analytics.js
www.google-analytics.com/ Frame 0DBE 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P88FR8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6581
date
Wed, 20 Apr 2022 00:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 20 Apr 2022 02:17:11 GMT
ppnio.js
player.svc.litv.tv/v3/ Frame 9DEF 		766 KB
207 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/v3/ppnio.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab65663d91d2b24d60789f9520742dff66ef06afa1477dea67aa172acb6c840a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 08:15:05 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 08:14:12 GMT
server
AmazonS3
age
64308
etag
W/"39a961642da55113a1c67d710cf5c9cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
C3A4E0wz8yguNa4IKSMi5GsdOFlveU0z
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
iMCExusV_8gET1-iKuYsA4YhngLMQ0o-wfNve3yugXLTT9erabXtBQ==
emome2
t.ssp.hinet.net/ Frame 10DB 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=645f1f83-8da9-451c-b42f-b9f76357727e
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
sp.pl
sp.analytics.yahoo.com/ Frame 10DB 		43 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2020%20Apr%202022%2002%3A06%3A51%20GMT&n=0&.yp=10114832&f=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQz%7CaGluZXQ%3D&e=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQz%7CaGluZXQ%3D&enc=UTF-8&yv=1.12.0&isIframe=1&tagmgr=gtm
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Wed, 20 Apr 2022 02:06:52 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame C24A 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410252&bpp=2&bdt=750&idt=619&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1830&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.irexm87b3t4q&btvi=2&fsb=1&dtd=668
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410252&bpp=2&bdt=750&idt=619&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1830&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.irexm87b3t4q&btvi=2&fsb=1&dtd=668
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3517
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 20 Apr 2022 01:08:15 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6ED6 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410252&bpp=2&bdt=750&idt=619&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1830&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.irexm87b3t4q&btvi=2&fsb=1&dtd=668
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72788
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 05:53:44 GMT
etag
48472445140208031
expires
Wed, 20 Apr 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame EF1B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bc229f5d14e3b1fe284babf1166fec10f1bcb63b06c4fde445e53d5afc1c738

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
271699991685076
connect.facebook.net/signals/config/ Frame D952 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/271699991685076?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
57cc17ccb9ed9e69ef54d7e57a90635a330478131636982141231e9ba045cd95
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fino.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
1uWMSw9J1XVEwZYVhW19loxf42b1QAAGWF/eG561kpPcrT4d6QrjcWDxmBz4OBAxaRzP/Tqpn7ZItAdpGGEaBg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 20 Apr 2022 02:06:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ Frame 9DEF 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-121.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 04:06:42 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
79211
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b17dca9c320b96e12b996848d121ffe4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
wWfRRzKZnW6oXXgNGBnV0mRW86RigpTe7m8ntfCNaO6YLJbDX1nGdw==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 9DEF 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2767df6736abef725fe8b1e39307f402dc27a7c8341f9354a8c1b883dcc563dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128424
x-xss-protection
0
expires
Wed, 20 Apr 2022 02:06:52 GMT
collect
www.google-analytics.com/j/ Frame 0DBE 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=748718926&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hinet.net%2Ftv%2Fmobile_iframe.html&dr=https%3A%2F%2Ftimes.hinet.net%2F&ul=en-us&de=UTF-8&dt=HiNet%E5%85%8D%E8%B2%BB%E5%BD%B1%E9%9F%B3&sd=24-bit&sr=1600x1200&vp=300x240&je=0&_u=QACAAAABAAAAAC~&jid=2121822045&gjid=87981744&cid=1746851889.1650420409&tid=UA-46698217-3&_gid=313115528.1650420409&_r=1&gtm=2wg4i1P88FR8&z=1199453471
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hinet.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 6ED6 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMIsc2XGYqluwsMFe_WSp9I&google_cver=1&google_push=AYg5qPKM_zLveYVl0UJNObrjObLWVffdHcJSibjIY-ESSCGWD4bayIxCiMPLTZjWIxnvqhe4Wid8RBoa3_tIDRtOUELyYECrwl-A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410252&bpp=2&bdt=750&idt=619&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1830&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.irexm87b3t4q&btvi=2&fsb=1&dtd=668
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
dds
rtb.openx.net/sync/ Frame 6ED6 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEA7vUIiKNt6hPdnhvlWHkZE&google_cver=1&google_push=AYg5qPIJWGkIqeKVxjm5yYz3vNm2IlvMvUEynXrwatzjgPtgqNUzLg4WaHZHZe3GzYGSsUrtrT0lFW_zvXqCUpDJYxiGD3GJN5pc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410252&bpp=2&bdt=750&idt=619&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1830&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.irexm87b3t4q&btvi=2&fsb=1&dtd=668
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:51 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
1f65f6oi022bana799l5hd19j05avf23
pixel
cm.g.doubleclick.net/ Frame 6ED6
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IoyaC54qQz6mybnIeIjyzQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IoyaC54qQz6mybnIeIjyzQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKoYsbUD9p9XTgWtX77pVDl5HRulhlO8HMlk1uyFVbC9rHJORikziJopcFdnHxTM3GlCJDPolYNYDDuZeB_w3l6cSff6aaV
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IoyaC54qQz6mybnIeIjyzQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKoYsbUD9p9XTgWtX77pVDl5HRulhlO8HMlk1uyFVbC9rHJORikziJopcFdnHxTM3GlCJDPolYNYDDuZeB_w3l6cSff6aaV
date
Wed, 20 Apr 2022 02:06:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 6ED6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKNqyZwWUM33eFnGlhHyw4Y&google_cver=1&google_push=AYg5qPJtasOJ_ll7LshGjMP9pDXJ9GTOYe0JwR4l9jod91e9fgrWmM4x7NU5dGbI_zgvn03s0__...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI2WFA4SzQtMUEtQUswTw==&google_push=AYg5qPJtasOJ_ll7LshGjMP9pDXJ9GTOYe0JwR4l9jod91e9fgrWmM4x7NU5dGbI_zgvn03s0__xxbn2cfLKoqN_OQYOnryVf20TFQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI2WFA4SzQtMUEtQUswTw==&google_push=AYg5qPJtasOJ_ll7LshGjMP9pDXJ9GTOYe0JwR4l9jod91e9fgrWmM4x7NU5dGbI_zgvn03s0__xxbn2cfLKoqN_OQYOnryVf20TFQ
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI2WFA4SzQtMUEtQUswTw==&google_push=AYg5qPJtasOJ_ll7LshGjMP9pDXJ9GTOYe0JwR4l9jod91e9fgrWmM4x7NU5dGbI_zgvn03s0__xxbn2cfLKoqN_OQYOnryVf20TFQ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 6ED6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvEN...
0
0
trk
ag.innovid.com/ Frame 6ED6 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEP2VsMJ7k6sfjbUwZl5zS-U&google_cver=1&google_push=AYg5qPJd8Ythxw0cF1j8VVoFIYsdE4OzWziW2ygXfbR2sMp4Qer6AY3Ttwfme0zYw6Z7bO7xCJwkldBGNZkTelUJ06MEp7fonXKi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410252&bpp=2&bdt=750&idt=619&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1830&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.irexm87b3t4q&btvi=2&fsb=1&dtd=668
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:a946:f0fe:2301:5b7a London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:52 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
googleredir
googlecm.hit.gemius.pl/ Frame 6ED6 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 6ED6 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KasMTI0t1FU1kVgkoW1hSWiYgB6r7bcE-yWGy5VyDRTj1g4spiXMfZw3BhYExWcfVyqyd3SA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410252&bpp=2&bdt=750&idt=619&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1830&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.irexm87b3t4q&btvi=2&fsb=1&dtd=668
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame 4C76 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSM5iOS8Xes6N5O0Eyj0SqS0_sIsEq4hP_q_s6JtkUhSLrmS03sQMO8bmdzX0k3LYsu4104t83cW5tU7J52c87F6FNKZwns90AilDXdTKjCsZnw0m7IYZoOfie2HT-mEkQ7iYDRIapRr2uPNwlc2Yf29gU0AwPb7ksOZEQwBsvmSfXSGb3N-Sbi9zRGBW8a5IcBcNNV-_y2Cz5-0RqRxey6_2VGRxNM6vdTNocR_SaLwfIhsaM9Xd0jZPhyDNMgrXvQ8GVan2H3-5y1yMfOlbH4-04AHDcHD_Vb7D3J8dXsPYzZ2d52gN-tW947mAJPMXqcGo9WwmPyPMfvc5dzwE&sig=Cg0ArKJSzGyurseYHD2HEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:06:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 20 Apr 2022 02:06:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4C76 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220413&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5bd9514f799d95f78da34d9c1e9da3783a3616a3fdade5737e8c6a238bb0f637
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10512
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 44C2 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05e15f0a098f99df6255a951f48d34e45e37387384e5e08c1c02ea8308417e62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10431
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ Frame 0DBE 		1 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-46698217-3&cid=1746851889.1650420409&jid=2121822045&gjid=87981744&_gid=313115528.1650420409&_u=QACAAAAAAAAAAC~&z=993088128
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 20 Apr 2022 02:06:52 GMT
content-type
text/plain
access-control-allow-origin
https://www.hinet.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C24A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410252&bpp=2&bdt=750&idt=619&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1830&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.irexm87b3t4q&btvi=2&fsb=1&dtd=668
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 20 Apr 2022 02:06:52 GMT
expires
Wed, 20 Apr 2022 02:06:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 20 Apr 2022 02:06:52 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
pagead2.googlesyndication.com/bg/ Frame 5FD3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420410252&bpp=2&bdt=750&idt=619&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420411&ga_hid=248024629&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1830&biw=1600&bih=1200&isw=580&ish=400&ifk=2341075057&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C182982000%2C182982200&oid=2&pvsid=3975703067766539&pem=129&tmod=1293801012&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.irexm87b3t4q&btvi=2&fsb=1&dtd=668
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 21:22:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
17043
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 21:22:49 GMT
sync
api.svc.taiwanmedia.org/taiwan-media/puid/ Frame 10DB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.svc.taiwanmedia.org/taiwan-media/puid/sync?luid=0f1b405b-4e10-4237-a3b5-92e8fa938f2a
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.124.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
131.124.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
via
1.1 google
access-control-allow-headers
Content-Type
access-control-max-age
60
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
push
onead.onevision.com.tw/v2/app/ Frame 10DB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onead.onevision.com.tw/v2/app/push?event=7000&p1=899654903&pub=0f1b405b-4e10-4237-a3b5-92e8fa938f2a
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.241.176 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
via
1.1 google
age
0
x-powered-by
OneAD
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-onead-backend
onead-http-event-gng5-gohttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
server
gws
x-onead-guid
8bb6fb91-c04e-11ec-a6ec-0242ac120002
x-varnish
112919267
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
x-onead-version
36747b4e
content-type
text/plain; charset=utf-8
expires
Mon, 01 Jan 1990 00:00:00 GMT
ce
e2elog.fetnet.net/CM/ Frame 10DB 		0
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e2elog.fetnet.net/CM/ce?ad_id=0f1b405b-4e10-4237-a3b5-92e8fa938f2a&chnl=litv
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.184.62.41 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:06:53 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
b
sb.scorecardresearch.com/ Frame 9DEF 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=18986219&c3=100001&ns__t=1650420411742&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQ2%7CaGluZXQ%3D&c9=https%3A%2F%2Fwww.hinet.net%2F
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-121.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
via
1.1 b17dca9c320b96e12b996848d121ffe4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
54wCkcLJb46B1rBprkUNJGQh9rqWJGWSk1R2zF_0osEyzZInO9zC4w==
x-cache
Miss from cloudfront
puid
pusti.svc.litv.tv/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pusti.svc.litv.tv/puid
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.74.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.74.96.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://player.svc.litv.tv
access-control-max-age
60
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 20 Apr 2022 02:06:52 GMT
via
1.1 google
puid
pusti.svc.litv.tv/ Frame 2197 		83 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pusti.svc.litv.tv/puid
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.74.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.74.96.34.bc.googleusercontent.com
Software
/
Resource Hash
b5781f847fd08091f930623c2dbc2ccb54c61b624efaa309b0ee29adbd176ef4

Request headers

Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
via
1.1 google
access-control-allow-headers
Content-Type
access-control-max-age
60
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-store, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83
hinet3-schedule.json
player.svc.litv.tv/meta/vc/ Frame 2197 		28 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/meta/vc/hinet3-schedule.json?cb=38204
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef202333ba48afabd12b21d0986ef0c24c08b0ef2a07aafec1184751abd8629f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
q4qRhdumBIazI3QJ1zUZR856Zdt80Jch
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 20:40:25 GMT
server
AmazonS3
age
548
etag
W/"7162f9e0ee8a3219fcd21968aeaf5922"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control
max-age=1800
date
Wed, 20 Apr 2022 01:57:45 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
wKS-4GPfCQtx-QilwLd_LWEvkUrDrZV6PTxbdRKPLRyLWiP1n38fMA==
truncated
/ Frame 2197 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a8609eeda77369cd567a813411d740959695b5a47db762f2f6dfbb6006cefcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png;charset=utf-8
vtt.min.js
vjs.zencdn.net/vttjs/0.14.1/ Frame 2197 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/vttjs/0.14.1/vtt.min.js
Requested by
Host: jsmodule.svc.litv.tv
URL: https://jsmodule.svc.litv.tv/videojs/video.novtt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5a36011812516a45305217c2fc2d0a0b2fcf9e66e4c84708cc1b6818066024fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
content-encoding
gzip
last-modified
Tue, 10 Apr 2018 19:42:19 GMT
etag
"52c6ba3260a51c570977f84d2bd7bf55"
x-served-by
cache-mxp6940-MXP
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
7089
x-cache-hits
6920
ads_check.js
fino.svc.litv.tv/acs/ Frame 2197 		36 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fino.svc.litv.tv/acs/ads_check.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-9.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c47ff9781e5c10d5b7a4edbd121682c9d6150251dfa4c0820f9939a70e623f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
EHi4EZ.gJdlfigQoKnOSB_rq9xJIQl9.
via
1.1 28e56b9ddced4ed414e75f87cbd0d976.cloudfront.net (CloudFront)
etag
"eccd8c86e285ee7d525d2b012ed3c06d"
age
85683
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
36
last-modified
Fri, 19 Feb 2021 02:39:49 GMT
server
AmazonS3
date
Tue, 19 Apr 2022 03:14:18 GMT
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P1
accept-ranges
bytes
x-amz-cf-id
zaDf15pCwSZ1Ew4Ui66L1xTnHaOXQTqXyJbPWxDDfkbZZVBcNwx3rg==
bridge3.510.1_zh_tw.html
imasdk.googleapis.com/js/core/ Frame A89D 		631 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.510.1_zh_tw.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89d171a4d59e745c28bf0ae9dcf3784b8417aeb344790a567efe6137d1d2a117
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://player.svc.litv.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
440144
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210011
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 23:51:08 GMT
expires
Fri, 14 Apr 2023 23:51:08 GMT
last-modified
Thu, 14 Apr 2022 23:44:31 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 2197 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Apr 2022 02:06:52 GMT
aGluZXQ=
fino.svc.litv.tv/showcase/ Frame 2197 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fino.svc.litv.tv/showcase/aGluZXQ=
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-9.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fa03c84d54a8cb2b6c74b2deccd56cb07fb8a14f8f0cd10e0d702d8d79802ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
BLiJnzELNEWur.hwn7M8nEi6tk8Kiz9o
content-encoding
gzip
etag
W/"9af8742d361f802a7834da846569f88e"
age
1695
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 09 Mar 2022 18:35:05 GMT
server
AmazonS3
date
Wed, 20 Apr 2022 02:06:52 GMT
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/json
via
1.1 28e56b9ddced4ed414e75f87cbd0d976.cloudfront.net (CloudFront)
cache-control
max-age=43200
x-amz-cf-pop
MUC50-P1
x-amz-cf-id
ft7eB-c6-Um9d1ru7QgQ5iH4t341FAT9ug2QazvJdagBDYbb6-JjFg==
ppn
pusti.svc.litv.tv/callback/ Frame 2197 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pusti.svc.litv.tv/callback/ppn
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.74.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.74.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
via
1.1 google
access-control-allow-headers
Content-Type
access-control-max-age
60
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-store, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p
sb.scorecardresearch.com/ Frame 2197 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=18986219&c3=1&cj=1&c4=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQz%7CaGluZXQ%3D&rn=1650420411850
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-121.dus51.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
via
1.1 b17dca9c320b96e12b996848d121ffe4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
content-length
43
x-amz-cf-id
kFSIdVZZyh7HfmqMwtPQ-HTPpfPXOGU1o6XpB0X4O17FD-ZVhE8XuA==
x-cache
Miss from cloudfront
content-type
image/gif
ppn
pusti.svc.litv.tv/callback/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pusti.svc.litv.tv/callback/ppn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.74.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.74.96.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://player.svc.litv.tv
access-control-max-age
60
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 20 Apr 2022 02:06:52 GMT
via
1.1 google
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 44C2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:06:52 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4C76 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:06:52 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 975E 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 01:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1842
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:36:10 GMT
js
www.googletagmanager.com/gtag/ Frame 10DB 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-138079999-10&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59507085-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bd0e968cd0732619243a5314d6aa31116340b5c176c7852d2695a5b78f101448
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38735
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Apr 2022 02:06:52 GMT
pixel
645f1f83-8da9-451c-b42f-b9f76357727e.t.ssp.hinet.net/ Frame 0DBE 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://645f1f83-8da9-451c-b42f-b9f76357727e.t.ssp.hinet.net/pixel?bd=645f1f83-8da9-451c-b42f-b9f76357727e&t=426409
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
video.novtt.min.js
jsmodule.svc.litv.tv/videojs/ Frame 9DEF 		488 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsmodule.svc.litv.tv/videojs/video.novtt.min.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:9:f0ff:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19d173388ecf7414a4d7ba951cc7557b1f4d181cfddf5717fd09410d2f7d81f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
oxKgqXtWiOnPmdhIW_gFoPkZ6EGgOs9Y
content-encoding
br
last-modified
Mon, 19 Apr 2021 07:20:07 GMT
server
AmazonS3
age
74804
etag
W/"c9b5d9401cfafdfbd38583ff245ba550"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
date
Tue, 19 Apr 2022 05:20:09 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
ghwuU5argYHJxydwhzgrvQyllnwzIkQLp51UI-iooyfMDd6QuPLceQ==
1643183895.png
cdnstatic.svc.litv.tv/pics/embed_showcase/2022/01/ Frame 2197 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnstatic.svc.litv.tv/pics/embed_showcase/2022/01/1643183895.png
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-51.dus51.r.cloudfront.net
Software
Apache/2.2.21 (Unix) DAV/2 /
Resource Hash
474cdd89828882068fce56d11813828f9dd7510c05daa3b2e3e5588317435501

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 03 Apr 2022 16:11:20 GMT
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
age
1418113
x-cache
Hit from cloudfront
content-length
18139
last-modified
Wed, 26 Jan 2022 07:58:15 GMT
server
Apache/2.2.21 (Unix) DAV/2
etag
"406b39-46db-5d6779067ab07"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
501IamBuG9Evr8hp71jcphUjyuu5Bsdlq2dsezu0q5wJdpv0s17BlQ==
expires
Tue, 03 May 2022 16:11:20 GMT
1616657474.JPG
cdnstatic.svc.litv.tv/pics/embed_showcase/2021/03/ Frame 2197 		333 KB
334 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnstatic.svc.litv.tv/pics/embed_showcase/2021/03/1616657474.JPG
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-51.dus51.r.cloudfront.net
Software
Apache/2.2.21 (Unix) DAV/2 /
Resource Hash
01bfcffc34e1ea08d884a0d8af25c24044a13fdd2c1831362a485c74e3eaac35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 04:47:47 GMT
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
age
1372726
x-cache
Hit from cloudfront
content-length
341080
last-modified
Thu, 25 Mar 2021 07:31:15 GMT
server
Apache/2.2.21 (Unix) DAV/2
etag
"324620-53458-5be576685ebb4"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
s0FkhoftZaAM1VLCuiLRdOTjFpC7sRvZOBqxj_hRC8_SWLPJX5GeOw==
expires
Wed, 04 May 2022 04:47:47 GMT
1645595912.jpg
cdnstatic.svc.litv.tv/pics/embed_showcase/2022/02/ Frame 2197 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnstatic.svc.litv.tv/pics/embed_showcase/2022/02/1645595912.jpg
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-51.dus51.r.cloudfront.net
Software
Apache/2.2.21 (Unix) DAV/2 /
Resource Hash
e487187e3cea8e12d843bee5b27c35ee11900cf7a8dce8664760eed3ecda0d55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:12:28 GMT
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
age
1752845
x-cache
Hit from cloudfront
content-length
43889
last-modified
Wed, 23 Feb 2022 05:58:34 GMT
server
Apache/2.2.21 (Unix) DAV/2
etag
"409175-ab71-5d8a927e6b746"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
XzVVPuSg_G7zppFjAUxaYKz60eSK2wvw-fl61-r3JAQZoGtgECLZhw==
expires
Fri, 29 Apr 2022 19:12:28 GMT
1643183876.png
cdnstatic.svc.litv.tv/pics/embed_showcase/2022/01/ Frame 2197 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnstatic.svc.litv.tv/pics/embed_showcase/2022/01/1643183876.png
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-51.dus51.r.cloudfront.net
Software
Apache/2.2.21 (Unix) DAV/2 /
Resource Hash
293e5103d8c63e22a8a3a92b2e728e33ab71a1c5b1f7b100e33c53ce7469c55f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 03 Apr 2022 06:05:18 GMT
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
age
1454499
x-cache
Hit from cloudfront
content-length
22405
last-modified
Wed, 26 Jan 2022 07:57:57 GMT
server
Apache/2.2.21 (Unix) DAV/2
etag
"406b38-5785-5d6778f522e4c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
Rkw9OAXcANO2kzFjr42lA0CHU50wXypgYaiKsfmuA5tZqD1pQIZAsA==
expires
Tue, 03 May 2022 06:05:18 GMT
EMBED29.json
player.svc.litv.tv/meta/acs/hinet3/ Frame 2197 		15 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/meta/acs/hinet3/EMBED29.json?cb=38204
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87836ae66ec86ce054d125ab4887ce010ea36910330ddbb9806b0f80a3b72d8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 18:19:07 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 18:15:58 GMT
server
AmazonS3
age
28066
etag
W/"50ed6e08e8d9c5f033a746ba9ba1fd5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
1xtq1iZIUd0ezt0yetQUg_kE9.4f4uHf
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-type
application/json
x-amz-cf-id
IDRoMQaW1vzNq6VE3VxcqpNFfninY1xP5Y2m-50uOje8p3nPKJ4PZw==
log.gif
r.popin.cc/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/log.gif?type=related-tw&uid=6d9d3bf415db68aa9011650420410716&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&t=1650420412100
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:53 GMT
last-modified
Tue, 10 Sep 2019 07:46:01 GMT
server
nginx
etag
"5d7754b9-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
request
ssp.tenmax.io/supply/tracking/ 		0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.tenmax.io/supply/tracking/request?bid=8bb04590-c04e-11ec-9654-33ec306c7cf4&chid=593e2afaa21b4a0e&sid=2f0bd42ae1064b18&subsid=d285bde19a1343de
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:06:53 GMT
Server
nginx
Connection
keep-alive
X-Application-Context
application:prod,aggregator,build-ext:58070
P3P
CP="CUR ADM OUR NOR STA NID"
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=173953894828614&correlator=4225266071473744&eid=31067166%2C31067150%2C31062930%2C44755509&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&iu_parts=37275962%2Crmaxspace%2Cd285bde19a1343de&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&ifi=2&adks=4235474797&sfv=1-0-38&ecs=20220420&fsapi=false&prev_scp=adx_region%3DTWN%26line_item_type%3DadSense&sc=1&cookie=ID%3D7aeb9a1e9fafdbfd-2273b7bf7bcd006c%3AT%3D1650420409%3ART%3D1650420411%3AS%3DALNI_MaCuu1lsLKoe6xRzWrVAXWWCDkljA&abxe=1&dt=1650420412213&lmt=1650420412&dlt=1650420403187&idt=5632&biw=1600&bih=1200&adxs=1000&adys=1634&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=1746851889.1650420409&ga_sid=1650420409&ga_hid=1330532702&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
d522ddc0733e416486ea62aa5ecf0c691b61747e60b9ec30405217f4f8e1b979
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9500
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
t.ssp.hinet.net/ Frame 10DB 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=3d711f&cid=0f1b405b-4e10-4237-a3b5-92e8fa938f2a&mp=645f1f83-8da9-451c-b42f-b9f76357727e
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:53 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
645f1f83-8da9-451c-b42f-b9f76357727e.t.ssp.hinet.net/ Frame 10DB 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://645f1f83-8da9-451c-b42f-b9f76357727e.t.ssp.hinet.net/pixel?bd=645f1f83-8da9-451c-b42f-b9f76357727e&t=3d711f
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:53 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
/
www.facebook.com/tr/ Frame D952 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=271699991685076&ev=PageView&dl=https%3A%2F%2Ffino.svc.litv.tv%2Facs%2Frts.html&rl=https%3A%2F%2Fplayer.svc.litv.tv%2F&if=true&ts=1650420412259&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&it=1650420411477&coo=false&exp=p0&rqm=GET
Requested by
Host: fino.svc.litv.tv
URL: https://fino.svc.litv.tv/acs/rts.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fino.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 20 Apr 2022 02:06:52 GMT
rpc
p-api02.svc.litv.tv/cdi/v2/ Frame 2197 		98 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p-api02.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.242.135.3 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
/
Resource Hash
44802c283aff71f6b9c2b97be74d6349ac69a0e76f12079b515d95c692f7bd91
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:06:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Access-Control-Allow-Headers
Content-Type
rpc
p-api02.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-api02.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.242.135.3 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Content-Length
0
Date
Wed, 20 Apr 2022 02:06:53 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AD89 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
15996
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 21:40:16 GMT
expires
Wed, 19 Apr 2023 21:40:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9E6C 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7568a8bc9a3b48de2727b66264598225a99198321f422ae119e501d6e41670ce
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iWXTIP+lfg2dk2H6+sWiFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-iWXTIP+lfg2dk2H6+sWiFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:06:52 GMT
expires
Wed, 20 Apr 2022 02:06:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F347 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
15996
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 21:40:16 GMT
expires
Wed, 19 Apr 2023 21:40:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6C94 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1d999d822abc4f61f682f3ab44462f385b61df2c41dcf6d5903e223e71ca3fd9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DUswQsSkmTmQPskNpiEyyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-DUswQsSkmTmQPskNpiEyyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:06:53 GMT
expires
Wed, 20 Apr 2022 02:06:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ads1.js
fino.svc.litv.tv/ads/ Frame 2197 		17 B
473 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fino.svc.litv.tv/ads/ads1.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-9.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af2ac8055983b59c939388ef2b32ef532b5eb338d4f1758be91a125d4f07d83f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
S0gUSQE16svoHk1.rmwu2P08mV03VNo6
via
1.1 28e56b9ddced4ed414e75f87cbd0d976.cloudfront.net (CloudFront)
etag
"8ba19eeed6689e4d7c76742e23055415"
age
12233
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
17
last-modified
Thu, 18 Feb 2021 02:44:24 GMT
server
AmazonS3
date
Tue, 19 Apr 2022 22:45:23 GMT
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P1
accept-ranges
bytes
x-amz-cf-id
jACxRVMuszdiqP0TVNWVICbycEyx4YC147LE37N1TtJCFoI83gBoPw==
analytics.js
www.google-analytics.com/ Frame 10DB 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-138079999-10&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6582
date
Wed, 20 Apr 2022 00:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 20 Apr 2022 02:17:11 GMT
collect
www.google-analytics.com/j/ Frame 10DB 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2040786201&t=event&_s=1&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQz%7CaGluZXQ%3D&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=player&ea=request&_u=aEDAAUABAAAAAC~&jid=1385235839&gjid=90894712&cid=34940685.1650420411&tid=UA-138079999-6&_gid=2004260237.1650420411&_r=1&gtm=2ou4i1&z=1293523082
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ Frame 10DB 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-JRLWM3RJSP&gtm=2oe4i1&_p=2040786201&_z=ccd.NbB&cid=34940685.1650420411&ul=en-us&sr=1600x1200&_s=1&sid=1650420411&sct=1&seg=0&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQz%7CaGluZXQ%3D&dr=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQz%7CaGluZXQ%3D&dt=&en=request&_fv=1&_ss=1&ep.event_category=player
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JRLWM3RJSP&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame 10DB 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2040786201&t=event&_s=1&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQz%7CaGluZXQ%3D&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=player&ea=request&_u=aEDAAUABAAAAAC~&jid=1013564451&gjid=1053925389&cid=34940685.1650420411&uid=0f1b405b-4e10-4237-a3b5-92e8fa938f2a&tid=UA-138079999-10&_gid=2004260237.1650420411&_r=1&gtm=2ou4i1&z=589206235
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
request
ssp.tenmax.io/supply/tracking/ 		0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.tenmax.io/supply/tracking/request?bid=8bd00290-c04e-11ec-9654-33ec306c7cf4&chid=64941d9356314143&sid=d1becdb66bca40ce
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:06:53 GMT
Server
nginx
Connection
keep-alive
X-Application-Context
application:prod,aggregator,build-ext:58070
P3P
CP="CUR ADM OUR NOR STA NID"
impression
ssp.tenmax.io/supply/tracking/ 		0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.tenmax.io/supply/tracking/impression?bid=8bd00290-c04e-11ec-9654-33ec306c7cf4&chid=64941d9356314143&sid=d1becdb66bca40ce
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:06:53 GMT
Server
nginx
Connection
keep-alive
X-Application-Context
application:prod,aggregator,build-ext:58070
P3P
CP="CUR ADM OUR NOR STA NID"
ex.html
player.svc.litv.tv/v3/ Frame F825 		47 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6db16d8afce57e4a01eb12c54e3722f2ce596d547cb2990c27bb8892ad1ea31

Request headers

Referer
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
64282
content-encoding
gzip
content-type
text/html
date
Tue, 19 Apr 2022 08:15:31 GMT
etag
W/"50cdd10db3b554afc6957ee1511f0d70"
last-modified
Tue, 19 Apr 2022 08:14:12 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-id
VXt3VGcH-nB6bcfDx-IJyR4vht4HgOQRJ94xvM1ahD8nkdIGdoE0Yw==
x-amz-cf-pop
FRA50-C1
x-amz-version-id
5x9JN_7t3e23nQBUPD6Rli383GBlNQUX
x-cache
Hit from cloudfront
hinet6-config.json
player.svc.litv.tv/meta/config/ Frame 9DEF 		727 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/meta/config/hinet6-config.json?cb=38204
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07b657a38321b069452668fcdd55a4a23ccb878064ddca2de2711a1fe790342c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
SVyPDoEgCUQguZ5KfAIpDGBtJoYi89Xy
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 00:05:10 GMT
server
AmazonS3
age
20700
etag
"9769b566b716ab20938d8cc2f0b20f8e"
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=43200
date
Tue, 19 Apr 2022 20:21:54 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
727
x-amz-cf-id
_lu9tAHpkpgUgxLw9PMPWZq31zyacjx-hnlvhExbKPshURJlvGUxFQ==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 6435 		155 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1740840196959600
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22b68a136dd882531570abc4ea12b6db8ea7fc3a4c0dd4b1f09f0b232ad06e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Origin
https://times.hinet.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54310
x-xss-protection
0
server
cafe
etag
6222731946171904662
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Apr 2022 02:06:53 GMT
9dd5bca8-cab9-40f5-9a4a-340d0a9eadcc
https://player.svc.litv.tv/ Frame 9DEF 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://player.svc.litv.tv/9dd5bca8-cab9-40f5-9a4a-340d0a9eadcc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
popin_send_cookie_set_fail.js
api.popin.cc/test/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/test/popin_send_cookie_set_fail.js?20201223
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/popin_discovery5-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:06:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Oct 2021 03:29:29 GMT
Server
nginx
ETag
W/"27aab2e5fb58e044704790074416e410"
X-Cache-Status
HIT from 10.252.55.25
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-amz-version-id
NVPBtcLlaQ0R5YVGUD48RBS0d2V00MrK
Expires
Wed, 20 Apr 2022 03:06:53 GMT
container.html
24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 559D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:06:49 GMT
expires
Thu, 20 Apr 2023 02:06:49 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
impression
ssp.tenmax.io/supply/tracking/ 		0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.tenmax.io/supply/tracking/impression?bid=8bb04590-c04e-11ec-9654-33ec306c7cf4&chid=593e2afaa21b4a0e&sid=2f0bd42ae1064b18&subsid=d285bde19a1343de&lineitemid=5346731421
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:06:53 GMT
Server
nginx
Connection
keep-alive
X-Application-Context
application:prod,aggregator,build-ext:58070
P3P
CP="CUR ADM OUR NOR STA NID"
js
www.googletagmanager.com/gtag/ Frame F825 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-59507085-1
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b115744203d4a4465e30e93ce3e33b7fe9120ccde3f32d4045623e9d041831ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:53 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38761
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Apr 2022 02:06:53 GMT
utag.js
t.ssp.hinet.net/ Frame F825 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:53 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 08:43:40 GMT
server
nginx
etag
W/"6215f3bc-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Wed, 20 Apr 2022 02:16:53 GMT
collect
stats.g.doubleclick.net/j/ Frame 10DB 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-138079999-6&cid=34940685.1650420411&jid=1385235839&gjid=90894712&_gid=2004260237.1650420411&_u=aEDAAUAAAAAAAC~&z=1346482959
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 20 Apr 2022 02:06:53 GMT
content-type
text/plain
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame 10DB 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-138079999-10&cid=34940685.1650420411&jid=1013564451&uid=0f1b405b-4e10-4237-a3b5-92e8fa938f2a&gjid=1053925389&_gid=2004260237.1650420411&_u=aEDAAUABAAAAAC~&z=523528507
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 20 Apr 2022 02:06:53 GMT
content-type
text/plain
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame F825 		88 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TXVNLXL
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
763bb2c0bde38ed51a85e774c4d38ade02cc9f0d65e39ca1ece77a589e86646c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:53 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34838
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Apr 2022 02:06:53 GMT
dms.js
fino.svc.litv.tv/acs/ Frame F825 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fino.svc.litv.tv/acs/dms.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-9.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5b27c9c7226962d8841824af1929aa5d512c99c91f25eb84512be917e897e93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
2DHBAE_mtD6o2PKYw8R0BKU9ykPtbN4.
content-encoding
gzip
last-modified
Mon, 27 Dec 2021 04:39:13 GMT
server
AmazonS3
age
75987
etag
W/"bf0b1d2c0f302f8820abdbfe331bc5d6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 47755cdb8b36419a04f12ee3c24f7fae.cloudfront.net (CloudFront)
date
Tue, 19 Apr 2022 05:00:27 GMT
x-amz-cf-pop
MUC50-P1
x-amz-cf-id
FWrmNO0QN4W8uk2W__FLRl-9rvS9MfrB3rdPzz2AsD3O1N-1HGM0pg==
sodar
pagead2.googlesyndication.com/pagead/ Frame 9E6C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041301&jk=1580441317644711&rc=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 6C94 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220413&jk=3975703067766539&rc=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/ Frame 6435 		303 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740840196959600&plah=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1740840196959600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dff6d84c74fad1cc1010d25affa12ab3d493db8c68fbcf3d62b73e2131d5b6da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110917
x-xss-protection
0
server
cafe
etag
796482156833152608
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 20 Apr 2022 02:06:53 GMT
l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
pagead2.googlesyndication.com/bg/ Frame AD89 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 21:22:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
17044
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 21:22:49 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0B64 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMYq9bNxgEwAQ&v=APEucNUD1YNHdKt7CIDIlcrZwePizVlTD7gXGuvL2lEYZmoDUuZiWhiMFCvOpw3m4UjIIvBoufGTHgYQA_DqTjSBVByiuaEZTLtyr5arSAv45XdESo9pR6-7rKNNXSFPDTotqWDBho8scVFJ9Ud4mesqP1nyC_hcO6mjAqENzOCftJvbbBCJvL0
Requested by
Host: 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
URL: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:06:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 559D 		91 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C7uGXi2Vf2OFi2cs5mvYZCzvI4zzWPdZBAefAsB7A5x1QxuHWgu-vmdMTNNBnXo-pfb0RqE2jY6DAn2AmukL3jFNFhJn9y7t4PsuHpFHCBYWxhywL9FgbvJ-s3NZnz66jEUsH8mLgYvmeI49nvLddESVMemQ&dbm_d=AKAmf-DC4cG0Hr3GjDAXnrQ3pba20qmSULoNqk4aHrXqRfc3mGsZc83AVw_iVVn1XAm6fFvKr-FZ-tte8bi1-T9ggMBU7F7miKgmyfZUDk9Jq3K-RT5R78VFPyQexGMxd5H1Y9YWm1EHm4N3yJkK0taGyHWthX41U9aOwy31on_QhHfJR_0dEb17FA3P4vG21nCfFuJUaHM6h58U3sHtLMRBVNSdzMabd6iB-00n80T3FmEVwXAZZ-fb2KnUVgIMiy1VQT8wzprw_gsFTnvzqeZbyCTDRtmx9iElN9A0_QSqNgI9B68wpEo2MFzRWVKLs46fT_KipCxrNaD8gmPkOvJnBOqYCQxs8tdSIKbS6oJ2eDnr3kCs0ODo9SdNCAW-6hlnv4OUE9otIdhLDxxwqCLWLGWtrYLzJ_U5JfGf_77JLjh7tQpNk3N8LX1Czkcfea6rpFZ6Et5eYTdGw258LdrhqjpZkoRZzcw-MNb6HEl7-IQOIhIBcIRXU6MgPxPbIy9IMat7bf9BldFF9D_ZNrQrioJRXXtHik2wVRLjUOqeMWdsOge4_Qd5YYpQGezBkaJWOjqa4KqbDEs70gkQpXN3kjmn6z8luiziZryRdsS611bp2-CAiNXesJK2OGu5ahtWdBgskXrEQcnBYOmFi4-t7sbedgJ2SPjtb2Q2oIdz5W9ZiEwBtnQL4vD7R2arZISvxsPCbl8rPLfalo-Y06pn7qvokXdH8C3aTjuivgUFju-mdTpJBjJhXohWdDEue9oVr2yEXbyvnykoeVsiQrrWoqZ3NBy0UGVhKabrCAgV3Z_UL-XjocOvN7ecEzKA6CXBM8BFkxCAAQWZ3knCYIqdHPO_fmRSlVAjJ1kzBTsKeGND6JfpZYc-zrj1XUqyzoCvMIbBQ0EoHWvfG0ZN5HCKqE1BKQkHLYz4vUx-NbcmY7pEF1o4IhVtiXx10PDUZTRMz-42Ej6NSJxMSh7mMVO1w90C6QoNg7YIGeBJ-jors0HfBLk1ovxIwZOki4B3trrpmMNYx0-xGW3tYCan9rs2isLG2UgsJkrl6kpPv7IOAG1oF1dGU7hCYE1vaE6lATevIpmCDZ5x0HY6mrQrXW4KGvP79LA_tI4Aj-MbRl_4CHg548roLa8IqMaWLDI_aZ_MN2wvTq3GhtwjvGHeqzeXxaJ2zY4mnOIY1TOftbv_T56BEZLZkrllw0E2OrAakd41299tJWGrO0hrjEj1neomoOsDlksL0s2LCaNeJ9yPrnhw80RyYoYkdXSFo4_QiMj7Ytl3t4IlCC--E5nKcwv5pGGEWCoMreuzVRMg5Ja2cHd8sEes8vtG8DOIAGU7bp7myMCGbx9e10-quKDq3EinVBe0Tqon-c3XXZJG94fcM27P0nByKhsTC2WH17A_JgtEUFvib6LvlY58X7TvylDlfpfRtjAQ_VZbbYOoez28R4u_QL7MRkTDqkbl2O0NEx9icPOUF3pEb4VlRIX2hqEfzvPAFpSX7jw1v1I1Ve8tellD330uvx5GrbyCo0khDEKOKzCvnV6cO6tdY4rmAgY7DBIbbLZlFunJp_XX4Pdap1hKnFiFLm-No72ns6xF-v8wU4JPIdI5ozKzTDWaG-GlKZdAkOPX3l0-vLoJ0abFPoiG4TzoPt3br3WiK-vB8d86rePCdCqUQC634hI99cS0OmDANz3ebLoCfy9xpCGc4uhChPTrTNd9bJdO2a_r7qbJQtBSjAfhW4CUHSKtSGY8ztf4Jt_3WXb6WNIn86Y6_kXo4am7smS27vi3piILuYQErBkaAvDxsApR4jOo_Blp59luXXnZ6Evp5QKVS10B-q6SLoZnJsDj2YFIGQ0gOY5-GShU951qSaVYCK99Ij22TjXEsLbsizwtOOhCr9JlNrdp_GdGZOws2RBS13TFzTWSXzEjlV1Jt59yMtBe2UOeGqAR34cfGK3R3vNH2Uds7ynvXeYtHjbhy50jOXi7zrG8CsGsHKW1VQgYwq_ZaYHLmR_jlldM9cJ6uyPRK4e2z_i6cO6VWXLuBGXcIxduJanR8e56Dmr6ZEy4iCzxs8gK8ZYLHRKslbK6dYbPeZrzCDskGPrz9-cX8BhEdn4u41myj24E8W-BekIxljTT8pGft5RRlv5gqitavSwemwFDezfqYsrUD5VDEG1Dx2GbHr4aq0Sq-j2_38Ph7-bvYAzbGrRJxa5ueJC51jtNdef0YpeKOupixy2I4U4fj2SxwLTSibnP5RPfnzv9RHEQBrryGXUU35rl06wTQQi50Ih6yt1RgxkboltGBJ7hZ3ZHE2P2KswDwGqUKby4aiSJugohSDDdpMbbxNpIIWolyG6aRVzc4ditjgHE0-dJMM3iBWOs34xAQ9kVXZZ7XZ7agikWwVk8Yi0q9-auUwhE2KYmOBKZGEWBy6QB5aeJuFUzzPauCSSFt6oe4k-o6LwYRDXOZVx2BWZcfkVXZvPVI6MClvF2w7siEkq3KZiW1UOdgzTD4FmweFgx6NkkeGK7YCHZI4x7BXihfSzivqXhgx0T9jue6uUsNfCkNdRlSBxIsk4iPGrD8gbb1UtCiMuJvgbgbVdnf_8imUe9wyrIJbqDQOsdPRRcSmB7ZwGAm4-aMdWapwILap2o1xbk5CDnVYu0gyCGRhCtWEAPD4vJfSkrtKkoPiZSdgPqWliXM-tqujYFKwB4fiF3LCHbB-zVAsVfGqfa8AaSvbzkdBs23a3lyGX3FEC_6P6dF4SGCM6H9YfunTr17LGmmg5G55fzZ87BrawzIewg9YDn_vtJYOYBTMB2UvzHxjYKNoXkPF0M0rG7wPBu7-Yb6yUrB_4UmXz8DAzPT4Qwjpb1yPcEnKgCoE36GfjJTJwRVCG_ItAWhjNpZ1D8PBPhY4JTPNwnY1b1BV71YyV6vffcsBPw79hxc1PEys1LADhL-A4v42fcBYE_RI05lvzwGWmMgEvOchOiOvI-g4WjS6FOWwa0ngAOSG_iX3r1d3AVDCyEa3I5XLApLA9QYRsxAetr_3uHT9kimqQ05CoCst1jNIyLcNtpizfbehYM6Qr5QLQ1vD54GvVjRY_NGCkwRvOGg_78VYuX7M_-cgM7rw&cid=CAASJORopq5hUksQkoZ1AjephHS0HRh0sVlGHww1Fq331ohYVDR70g&rfl=1%2Chttps%253A%252F%252Ftimes.hinet.net%252F%240
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13cc47f83c2f6e2d0828c83f56845b729902fb395c8def1dd2fc4ebfc30dce47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35925
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 559D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ASVTz76Cj6Mm12sm0tujWgIR0VggUKTOYc8Ee7w2-C5aKlQb-SqZnQWpt6sqNYwToe4MojAO1zRzaMY1B1pfhav8T4PbSPH-8iTlp_MsMVS3NqsLo
Requested by
Host: 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
URL: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 559D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
URL: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 May 2022 02:02:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 559D 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
URL: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650281421154365"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:06:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 559D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
URL: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 01:47:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1172
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 May 2022 01:47:21 GMT
l
www.google.com/ads/measurement/ Frame 559D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPwyBLP-UIgOXLJijL2xXiGs6zRYfwhsjQ4Uan2zRea0_9cxeDDnSIeDH34oHt-uFimEDfy_v0sqpJm3HBmfthYkQawA
Requested by
Host: 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
URL: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
hinet6-schedule.json
player.svc.litv.tv/meta/vc/ Frame 9DEF 		28 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/meta/vc/hinet6-schedule.json?cb=38204
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f954d8fc1b0f633814e95c174d0347dd8f9a510ab1121648b2c81c4624770b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
Zb2y1KEPqpOPtYBnyH69NMt79twyh9rV
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 20:41:24 GMT
server
AmazonS3
age
549
etag
W/"33de6b76668dd12af669aee228a3182c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control
max-age=1800
date
Wed, 20 Apr 2022 01:57:45 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
f8Y_4I4nVCcYm5ARxfqBTzm8EYLO_GT7C4u86Nrg71S1KdM06_5Z-g==
truncated
/ Frame 9DEF 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a8609eeda77369cd567a813411d740959695b5a47db762f2f6dfbb6006cefcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png;charset=utf-8
vtt.min.js
vjs.zencdn.net/vttjs/0.14.1/ Frame 9DEF 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/vttjs/0.14.1/vtt.min.js
Requested by
Host: jsmodule.svc.litv.tv
URL: https://jsmodule.svc.litv.tv/videojs/video.novtt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5a36011812516a45305217c2fc2d0a0b2fcf9e66e4c84708cc1b6818066024fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:53 GMT
content-encoding
gzip
last-modified
Tue, 10 Apr 2018 19:42:19 GMT
etag
"52c6ba3260a51c570977f84d2bd7bf55"
x-served-by
cache-mxp6940-MXP
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
7089
x-cache-hits
6921
ads_check.js
fino.svc.litv.tv/acs/ Frame 9DEF 		36 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fino.svc.litv.tv/acs/ads_check.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-9.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c47ff9781e5c10d5b7a4edbd121682c9d6150251dfa4c0820f9939a70e623f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
EHi4EZ.gJdlfigQoKnOSB_rq9xJIQl9.
via
1.1 28e56b9ddced4ed414e75f87cbd0d976.cloudfront.net (CloudFront)
etag
"eccd8c86e285ee7d525d2b012ed3c06d"
age
85684
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
36
last-modified
Fri, 19 Feb 2021 02:39:49 GMT
server
AmazonS3
date
Tue, 19 Apr 2022 03:14:18 GMT
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P1
accept-ranges
bytes
x-amz-cf-id
zmAKCC-K7exZETQPGTuMc3BKmCmDrfCbM8h26bHy6zIInZE9F3jWzQ==
bridge3.510.1_zh_tw.html
imasdk.googleapis.com/js/core/ Frame F5BD 		631 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.510.1_zh_tw.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89d171a4d59e745c28bf0ae9dcf3784b8417aeb344790a567efe6137d1d2a117
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://player.svc.litv.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
440145
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210011
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 23:51:08 GMT
expires
Fri, 14 Apr 2023 23:51:08 GMT
last-modified
Thu, 14 Apr 2022 23:44:31 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ppn
pusti.svc.litv.tv/callback/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pusti.svc.litv.tv/callback/ppn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.74.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.74.96.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://player.svc.litv.tv
access-control-max-age
60
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 20 Apr 2022 02:06:53 GMT
via
1.1 google
client.js
s0.2mdn.net/instream/video/ Frame 9DEF 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Apr 2022 02:06:53 GMT
ppn
pusti.svc.litv.tv/callback/ Frame 9DEF 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pusti.svc.litv.tv/callback/ppn
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.74.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.74.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Apr 2022 02:06:53 GMT
via
1.1 google
access-control-allow-headers
Content-Type
access-control-max-age
60
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-store, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p
sb.scorecardresearch.com/ Frame 9DEF 		43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=18986219&c3=1&cj=1&c4=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQ2%7CaGluZXQ%3D&rn=1650420412873
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-121.dus51.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:53 GMT
via
1.1 b17dca9c320b96e12b996848d121ffe4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
content-length
43
x-amz-cf-id
rgzfujHnPi4Ts5WLioTa6sKQRnkYoeaVmRdHwIknQO2QIpayavTKbQ==
x-cache
Miss from cloudfront
content-type
image/gif
l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
pagead2.googlesyndication.com/bg/ Frame F347 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 21:22:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
17044
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 21:22:49 GMT
avs
adsv.svc.litv.tv/ Frame F825 		2 B
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsv.svc.litv.tv/avs?puid=0f1b405b-4e10-4237-a3b5-92e8fa938f2a
Requested by
Host: fino.svc.litv.tv
URL: https://fino.svc.litv.tv/acs/dms.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.234.181 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
181.234.117.34.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 20 Apr 2022 02:06:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
vary
Origin
content-type
application/json
EMBED34.json
player.svc.litv.tv/meta/acs/hinet6/ Frame 9DEF 		12 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/meta/acs/hinet6/EMBED34.json?cb=38204
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95ec5362c0ae5dd27bcb0cd301fe1a5460c4384e4b932702f11f82373bab7aaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 18:19:10 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 18:16:06 GMT
server
AmazonS3
age
28064
etag
W/"d22143806ddd833eb1e72407a928c8df"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
AYUjHV_dzllKxUsacg58QXNbm8nsa.5c
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-type
application/json
x-amz-cf-id
2Us4nVbybvSCuyAfjmT4Erq7fRrWmtZU_dCAePRUTYIcRuWPi8t2iA==
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5F8F 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 01:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:36:10 GMT
js
www.googletagmanager.com/gtag/ Frame F825 		98 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-138079999-6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59507085-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d7d42b6d1b61bf5da707978ff08a2796bc2b1032ed4494eb1694ca309814d6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:53 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38726
x-xss-protection
0
expires
Wed, 20 Apr 2022 02:06:53 GMT
js
www.googletagmanager.com/gtag/ Frame F825 		179 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JRLWM3RJSP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59507085-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
16073a0bc6e36b3da6b1b9931ae14b511f326349f54954aa3f321c8f54b7ade9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:53 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67510
x-xss-protection
0
expires
Wed, 20 Apr 2022 02:06:53 GMT
js
www.googletagmanager.com/gtag/ Frame F825 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-138079999-10&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59507085-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e6614a358af741f917f493fdee842f905c38158e541e04162da6a6b586867dd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:53 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38733
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Apr 2022 02:06:53 GMT
ytc.js
s.yimg.com/wi/ Frame F825 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 20 Apr 2022 01:30:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2208
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5748
x-amz-id-2
sq8piDXuIBMy10ATIrYmXrVz8vMQAc8DyHxlLiXtryZXP1aont+VFAQqdn7t5PsdJbrfqpGl5F0=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 17 Jan 2022 12:00:39 GMT
server
ATS
etag
"13a189bb8f25228852b3279db3659c28-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
P67H6GXN445842MS
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
accept-ranges
bytes
content-type
application/javascript
lightintegration.js
redir.adap.tv/redir/javascript/ Frame F825 		31 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://redir.adap.tv/redir/javascript/lightintegration.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXVNLXL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.28 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lha/8D0D) /
Resource Hash
1e15f65bcef05f2ea9f54e051da9bf7e6fc9eb00a669905c9ed33f4fd7ba26f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:53 GMT
nel
{"report_to": "default", "max_age": 86400, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.001}
age
526995
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
31633
x-amz-id-2
5Yru9p942M6mXEVvUDPdHipBpUE1JxoQVB5A+xry3g1IRfoWs0ykEMfQIe3kTjNLnsMA8bh/sDw=
last-modified
Wed, 13 Sep 2017 23:08:44 GMT
server
ECAcc (lha/8D0D)
x-amz-meta-s3cmd-attrs
uid:1000/gname:adaptv/uname:adaptv/gid:1000/mode:33188/mtime:1505344053/atime:1505344249/md5:1de3d0b5f3cbe8b1e87e274f129ac0e7/ctime:1505344249
etag
"1de3d0b5f3cbe8b1e87e274f129ac0e7"
report-to
{"group": "default", "max_age":86400, "endpoints":[{"url":"https://report.edgecast.com/","priority":1 }, {"url":"https://nelcollector.sre.ecsvc.net/report","priority":2 }]}
content-type
text/plain
x-amz-version-id
XGOCJEPvmrIOhn2ZV_.qAlIiRmN7Rqa0
accept-ranges
bytes
x-amz-request-id
8KYH1S26AZ8FNEBQ
rum
dsum-sec.casalemedia.com/ Frame 0B64
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjeyhUb_XOUHNVClEUrbls&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjeyhUb_XOUHNVClEUrbls&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMYq9bNxgEwAQ&v=APEucNUD1YNHdKt7CIDIlcrZwePizVlTD7gXGuvL2lEYZmoDUuZiWhiMFCvOpw3m4UjIIvBoufGTHgYQA_DqTjSBVByiuaEZTLtyr5arSAv45XdESo9pR6-7rKNNXSFPDTotqWDBho8scVFJ9Ud4mesqP1nyC_hcO6mjAqENzOCftJvbbBCJvL0
Protocol
HTTP/1.1
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 02:06:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 20 Apr 2022 02:06:53 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjeyhUb_XOUHNVClEUrbls&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0B64
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yl9qvP1aPy1o8obiwowjQwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjeyhUb_XOUHNVClEUrbls&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjeyhUb_XOUHNVClEUrbls&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMYq9bNxgEwAQ&v=APEucNUD1YNHdKt7CIDIlcrZwePizVlTD7gXGuvL2lEYZmoDUuZiWhiMFCvOpw3m4UjIIvBoufGTHgYQA_DqTjSBVByiuaEZTLtyr5arSAv45XdESo9pR6-7rKNNXSFPDTotqWDBho8scVFJ9Ud4mesqP1nyC_hcO6mjAqENzOCftJvbbBCJvL0
Protocol
HTTP/1.1
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 02:06:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 20 Apr 2022 02:06:54 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFjeyhUb_XOUHNVClEUrbls&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0B64
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA-8Vg2KbB0zRmQC-uqlP4g&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEA-8Vg2KbB0zRmQC-uqlP4g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMYq9bNxgEwAQ&v=APEucNUD1YNHdKt7CIDIlcrZwePizVlTD7gXGuvL2lEYZmoDUuZiWhiMFCvOpw3m4UjIIvBoufGTHgYQA_DqTjSBVByiuaEZTLtyr5arSAv45XdESo9pR6-7rKNNXSFPDTotqWDBho8scVFJ9Ud4mesqP1nyC_hcO6mjAqENzOCftJvbbBCJvL0
Protocol
HTTP/1.1
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 02:06:53 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e6fcfd15-7a07-48b2-85cb-e373cd9206a6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEA-8Vg2KbB0zRmQC-uqlP4g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0B64
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAwODI3NDY2OTc1OTcyNzQ0OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAwODI3NDY2OTc1OTcyNzQ0OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMYq9bNxgEwAQ&v=APEucNUD1YNHdKt7CIDIlcrZwePizVlTD7gXGuvL2lEYZmoDUuZiWhiMFCvOpw3m4UjIIvBoufGTHgYQA_DqTjSBVByiuaEZTLtyr5arSAv45XdESo9pR6-7rKNNXSFPDTotqWDBho8scVFJ9Ud4mesqP1nyC_hcO6mjAqENzOCftJvbbBCJvL0
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 02:06:53 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
63dc50a6-4295-421b-a8dd-8ad744ec1d08
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAwODI3NDY2OTc1OTcyNzQ0OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/996673/61756195/ Frame 559D 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/996673/61756195/skeleton.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.110.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-110-128.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a2fc8223907c4c89a84a2965657c9883575067124124c8d178ebc4c4d807a4ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:53 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 559D 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
Origin
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 13:57:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Apr 2022 13:57:03 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame 559D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C7uGXi2Vf2OFi2cs5mvYZCzvI4zzWPdZBAefAsB7A5x1QxuHWgu-vmdMTNNBnXo-pfb0RqE2jY6DAn2AmukL3jFNFhJn9y7t4PsuHpFHCBYWxhywL9FgbvJ-s3NZnz66jEUsH8mLgYvmeI49nvLddESVMemQ&dbm_d=AKAmf-DC4cG0Hr3GjDAXnrQ3pba20qmSULoNqk4aHrXqRfc3mGsZc83AVw_iVVn1XAm6fFvKr-FZ-tte8bi1-T9ggMBU7F7miKgmyfZUDk9Jq3K-RT5R78VFPyQexGMxd5H1Y9YWm1EHm4N3yJkK0taGyHWthX41U9aOwy31on_QhHfJR_0dEb17FA3P4vG21nCfFuJUaHM6h58U3sHtLMRBVNSdzMabd6iB-00n80T3FmEVwXAZZ-fb2KnUVgIMiy1VQT8wzprw_gsFTnvzqeZbyCTDRtmx9iElN9A0_QSqNgI9B68wpEo2MFzRWVKLs46fT_KipCxrNaD8gmPkOvJnBOqYCQxs8tdSIKbS6oJ2eDnr3kCs0ODo9SdNCAW-6hlnv4OUE9otIdhLDxxwqCLWLGWtrYLzJ_U5JfGf_77JLjh7tQpNk3N8LX1Czkcfea6rpFZ6Et5eYTdGw258LdrhqjpZkoRZzcw-MNb6HEl7-IQOIhIBcIRXU6MgPxPbIy9IMat7bf9BldFF9D_ZNrQrioJRXXtHik2wVRLjUOqeMWdsOge4_Qd5YYpQGezBkaJWOjqa4KqbDEs70gkQpXN3kjmn6z8luiziZryRdsS611bp2-CAiNXesJK2OGu5ahtWdBgskXrEQcnBYOmFi4-t7sbedgJ2SPjtb2Q2oIdz5W9ZiEwBtnQL4vD7R2arZISvxsPCbl8rPLfalo-Y06pn7qvokXdH8C3aTjuivgUFju-mdTpJBjJhXohWdDEue9oVr2yEXbyvnykoeVsiQrrWoqZ3NBy0UGVhKabrCAgV3Z_UL-XjocOvN7ecEzKA6CXBM8BFkxCAAQWZ3knCYIqdHPO_fmRSlVAjJ1kzBTsKeGND6JfpZYc-zrj1XUqyzoCvMIbBQ0EoHWvfG0ZN5HCKqE1BKQkHLYz4vUx-NbcmY7pEF1o4IhVtiXx10PDUZTRMz-42Ej6NSJxMSh7mMVO1w90C6QoNg7YIGeBJ-jors0HfBLk1ovxIwZOki4B3trrpmMNYx0-xGW3tYCan9rs2isLG2UgsJkrl6kpPv7IOAG1oF1dGU7hCYE1vaE6lATevIpmCDZ5x0HY6mrQrXW4KGvP79LA_tI4Aj-MbRl_4CHg548roLa8IqMaWLDI_aZ_MN2wvTq3GhtwjvGHeqzeXxaJ2zY4mnOIY1TOftbv_T56BEZLZkrllw0E2OrAakd41299tJWGrO0hrjEj1neomoOsDlksL0s2LCaNeJ9yPrnhw80RyYoYkdXSFo4_QiMj7Ytl3t4IlCC--E5nKcwv5pGGEWCoMreuzVRMg5Ja2cHd8sEes8vtG8DOIAGU7bp7myMCGbx9e10-quKDq3EinVBe0Tqon-c3XXZJG94fcM27P0nByKhsTC2WH17A_JgtEUFvib6LvlY58X7TvylDlfpfRtjAQ_VZbbYOoez28R4u_QL7MRkTDqkbl2O0NEx9icPOUF3pEb4VlRIX2hqEfzvPAFpSX7jw1v1I1Ve8tellD330uvx5GrbyCo0khDEKOKzCvnV6cO6tdY4rmAgY7DBIbbLZlFunJp_XX4Pdap1hKnFiFLm-No72ns6xF-v8wU4JPIdI5ozKzTDWaG-GlKZdAkOPX3l0-vLoJ0abFPoiG4TzoPt3br3WiK-vB8d86rePCdCqUQC634hI99cS0OmDANz3ebLoCfy9xpCGc4uhChPTrTNd9bJdO2a_r7qbJQtBSjAfhW4CUHSKtSGY8ztf4Jt_3WXb6WNIn86Y6_kXo4am7smS27vi3piILuYQErBkaAvDxsApR4jOo_Blp59luXXnZ6Evp5QKVS10B-q6SLoZnJsDj2YFIGQ0gOY5-GShU951qSaVYCK99Ij22TjXEsLbsizwtOOhCr9JlNrdp_GdGZOws2RBS13TFzTWSXzEjlV1Jt59yMtBe2UOeGqAR34cfGK3R3vNH2Uds7ynvXeYtHjbhy50jOXi7zrG8CsGsHKW1VQgYwq_ZaYHLmR_jlldM9cJ6uyPRK4e2z_i6cO6VWXLuBGXcIxduJanR8e56Dmr6ZEy4iCzxs8gK8ZYLHRKslbK6dYbPeZrzCDskGPrz9-cX8BhEdn4u41myj24E8W-BekIxljTT8pGft5RRlv5gqitavSwemwFDezfqYsrUD5VDEG1Dx2GbHr4aq0Sq-j2_38Ph7-bvYAzbGrRJxa5ueJC51jtNdef0YpeKOupixy2I4U4fj2SxwLTSibnP5RPfnzv9RHEQBrryGXUU35rl06wTQQi50Ih6yt1RgxkboltGBJ7hZ3ZHE2P2KswDwGqUKby4aiSJugohSDDdpMbbxNpIIWolyG6aRVzc4ditjgHE0-dJMM3iBWOs34xAQ9kVXZZ7XZ7agikWwVk8Yi0q9-auUwhE2KYmOBKZGEWBy6QB5aeJuFUzzPauCSSFt6oe4k-o6LwYRDXOZVx2BWZcfkVXZvPVI6MClvF2w7siEkq3KZiW1UOdgzTD4FmweFgx6NkkeGK7YCHZI4x7BXihfSzivqXhgx0T9jue6uUsNfCkNdRlSBxIsk4iPGrD8gbb1UtCiMuJvgbgbVdnf_8imUe9wyrIJbqDQOsdPRRcSmB7ZwGAm4-aMdWapwILap2o1xbk5CDnVYu0gyCGRhCtWEAPD4vJfSkrtKkoPiZSdgPqWliXM-tqujYFKwB4fiF3LCHbB-zVAsVfGqfa8AaSvbzkdBs23a3lyGX3FEC_6P6dF4SGCM6H9YfunTr17LGmmg5G55fzZ87BrawzIewg9YDn_vtJYOYBTMB2UvzHxjYKNoXkPF0M0rG7wPBu7-Yb6yUrB_4UmXz8DAzPT4Qwjpb1yPcEnKgCoE36GfjJTJwRVCG_ItAWhjNpZ1D8PBPhY4JTPNwnY1b1BV71YyV6vffcsBPw79hxc1PEys1LADhL-A4v42fcBYE_RI05lvzwGWmMgEvOchOiOvI-g4WjS6FOWwa0ngAOSG_iX3r1d3AVDCyEa3I5XLApLA9QYRsxAetr_3uHT9kimqQ05CoCst1jNIyLcNtpizfbehYM6Qr5QLQ1vD54GvVjRY_NGCkwRvOGg_78VYuX7M_-cgM7rw&cid=CAASJORopq5hUksQkoZ1AjephHS0HRh0sVlGHww1Fq331ohYVDR70g&rfl=1%2Chttps%253A%252F%252Ftimes.hinet.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 01:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1734
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 May 2022 01:37:59 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 559D 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C7uGXi2Vf2OFi2cs5mvYZCzvI4zzWPdZBAefAsB7A5x1QxuHWgu-vmdMTNNBnXo-pfb0RqE2jY6DAn2AmukL3jFNFhJn9y7t4PsuHpFHCBYWxhywL9FgbvJ-s3NZnz66jEUsH8mLgYvmeI49nvLddESVMemQ&dbm_d=AKAmf-DC4cG0Hr3GjDAXnrQ3pba20qmSULoNqk4aHrXqRfc3mGsZc83AVw_iVVn1XAm6fFvKr-FZ-tte8bi1-T9ggMBU7F7miKgmyfZUDk9Jq3K-RT5R78VFPyQexGMxd5H1Y9YWm1EHm4N3yJkK0taGyHWthX41U9aOwy31on_QhHfJR_0dEb17FA3P4vG21nCfFuJUaHM6h58U3sHtLMRBVNSdzMabd6iB-00n80T3FmEVwXAZZ-fb2KnUVgIMiy1VQT8wzprw_gsFTnvzqeZbyCTDRtmx9iElN9A0_QSqNgI9B68wpEo2MFzRWVKLs46fT_KipCxrNaD8gmPkOvJnBOqYCQxs8tdSIKbS6oJ2eDnr3kCs0ODo9SdNCAW-6hlnv4OUE9otIdhLDxxwqCLWLGWtrYLzJ_U5JfGf_77JLjh7tQpNk3N8LX1Czkcfea6rpFZ6Et5eYTdGw258LdrhqjpZkoRZzcw-MNb6HEl7-IQOIhIBcIRXU6MgPxPbIy9IMat7bf9BldFF9D_ZNrQrioJRXXtHik2wVRLjUOqeMWdsOge4_Qd5YYpQGezBkaJWOjqa4KqbDEs70gkQpXN3kjmn6z8luiziZryRdsS611bp2-CAiNXesJK2OGu5ahtWdBgskXrEQcnBYOmFi4-t7sbedgJ2SPjtb2Q2oIdz5W9ZiEwBtnQL4vD7R2arZISvxsPCbl8rPLfalo-Y06pn7qvokXdH8C3aTjuivgUFju-mdTpJBjJhXohWdDEue9oVr2yEXbyvnykoeVsiQrrWoqZ3NBy0UGVhKabrCAgV3Z_UL-XjocOvN7ecEzKA6CXBM8BFkxCAAQWZ3knCYIqdHPO_fmRSlVAjJ1kzBTsKeGND6JfpZYc-zrj1XUqyzoCvMIbBQ0EoHWvfG0ZN5HCKqE1BKQkHLYz4vUx-NbcmY7pEF1o4IhVtiXx10PDUZTRMz-42Ej6NSJxMSh7mMVO1w90C6QoNg7YIGeBJ-jors0HfBLk1ovxIwZOki4B3trrpmMNYx0-xGW3tYCan9rs2isLG2UgsJkrl6kpPv7IOAG1oF1dGU7hCYE1vaE6lATevIpmCDZ5x0HY6mrQrXW4KGvP79LA_tI4Aj-MbRl_4CHg548roLa8IqMaWLDI_aZ_MN2wvTq3GhtwjvGHeqzeXxaJ2zY4mnOIY1TOftbv_T56BEZLZkrllw0E2OrAakd41299tJWGrO0hrjEj1neomoOsDlksL0s2LCaNeJ9yPrnhw80RyYoYkdXSFo4_QiMj7Ytl3t4IlCC--E5nKcwv5pGGEWCoMreuzVRMg5Ja2cHd8sEes8vtG8DOIAGU7bp7myMCGbx9e10-quKDq3EinVBe0Tqon-c3XXZJG94fcM27P0nByKhsTC2WH17A_JgtEUFvib6LvlY58X7TvylDlfpfRtjAQ_VZbbYOoez28R4u_QL7MRkTDqkbl2O0NEx9icPOUF3pEb4VlRIX2hqEfzvPAFpSX7jw1v1I1Ve8tellD330uvx5GrbyCo0khDEKOKzCvnV6cO6tdY4rmAgY7DBIbbLZlFunJp_XX4Pdap1hKnFiFLm-No72ns6xF-v8wU4JPIdI5ozKzTDWaG-GlKZdAkOPX3l0-vLoJ0abFPoiG4TzoPt3br3WiK-vB8d86rePCdCqUQC634hI99cS0OmDANz3ebLoCfy9xpCGc4uhChPTrTNd9bJdO2a_r7qbJQtBSjAfhW4CUHSKtSGY8ztf4Jt_3WXb6WNIn86Y6_kXo4am7smS27vi3piILuYQErBkaAvDxsApR4jOo_Blp59luXXnZ6Evp5QKVS10B-q6SLoZnJsDj2YFIGQ0gOY5-GShU951qSaVYCK99Ij22TjXEsLbsizwtOOhCr9JlNrdp_GdGZOws2RBS13TFzTWSXzEjlV1Jt59yMtBe2UOeGqAR34cfGK3R3vNH2Uds7ynvXeYtHjbhy50jOXi7zrG8CsGsHKW1VQgYwq_ZaYHLmR_jlldM9cJ6uyPRK4e2z_i6cO6VWXLuBGXcIxduJanR8e56Dmr6ZEy4iCzxs8gK8ZYLHRKslbK6dYbPeZrzCDskGPrz9-cX8BhEdn4u41myj24E8W-BekIxljTT8pGft5RRlv5gqitavSwemwFDezfqYsrUD5VDEG1Dx2GbHr4aq0Sq-j2_38Ph7-bvYAzbGrRJxa5ueJC51jtNdef0YpeKOupixy2I4U4fj2SxwLTSibnP5RPfnzv9RHEQBrryGXUU35rl06wTQQi50Ih6yt1RgxkboltGBJ7hZ3ZHE2P2KswDwGqUKby4aiSJugohSDDdpMbbxNpIIWolyG6aRVzc4ditjgHE0-dJMM3iBWOs34xAQ9kVXZZ7XZ7agikWwVk8Yi0q9-auUwhE2KYmOBKZGEWBy6QB5aeJuFUzzPauCSSFt6oe4k-o6LwYRDXOZVx2BWZcfkVXZvPVI6MClvF2w7siEkq3KZiW1UOdgzTD4FmweFgx6NkkeGK7YCHZI4x7BXihfSzivqXhgx0T9jue6uUsNfCkNdRlSBxIsk4iPGrD8gbb1UtCiMuJvgbgbVdnf_8imUe9wyrIJbqDQOsdPRRcSmB7ZwGAm4-aMdWapwILap2o1xbk5CDnVYu0gyCGRhCtWEAPD4vJfSkrtKkoPiZSdgPqWliXM-tqujYFKwB4fiF3LCHbB-zVAsVfGqfa8AaSvbzkdBs23a3lyGX3FEC_6P6dF4SGCM6H9YfunTr17LGmmg5G55fzZ87BrawzIewg9YDn_vtJYOYBTMB2UvzHxjYKNoXkPF0M0rG7wPBu7-Yb6yUrB_4UmXz8DAzPT4Qwjpb1yPcEnKgCoE36GfjJTJwRVCG_ItAWhjNpZ1D8PBPhY4JTPNwnY1b1BV71YyV6vffcsBPw79hxc1PEys1LADhL-A4v42fcBYE_RI05lvzwGWmMgEvOchOiOvI-g4WjS6FOWwa0ngAOSG_iX3r1d3AVDCyEa3I5XLApLA9QYRsxAetr_3uHT9kimqQ05CoCst1jNIyLcNtpizfbehYM6Qr5QLQ1vD54GvVjRY_NGCkwRvOGg_78VYuX7M_-cgM7rw&cid=CAASJORopq5hUksQkoZ1AjephHS0HRh0sVlGHww1Fq331ohYVDR70g&rfl=1%2Chttps%253A%252F%252Ftimes.hinet.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 00:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4453
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 May 2022 00:52:40 GMT
truncated
/ Frame 9DEF 		17 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90ee20c6b2fe58c0bc327b411d5a68e2be5eea7b37eb642ee9e1a73f4c51f5eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/jpeg;charset=utf-8
cookie.js
partner.googleadservices.com/gampad/ Frame 6435 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=&callback=_gfp_s_&client=ca-pub-1740840196959600&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740840196959600&plah=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 6435 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740840196959600&plah=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6435 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740840196959600&plah=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6435 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&tn=DIV&id=goTop&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2E4C 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740840196959600&output=html&adk=1812271804&adf=480832060&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420412739&bpp=3&bdt=182&idt=353&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&nras=1&correlator=7627605533712&frm=23&ife=1&pv=2&ga_vid=1746851889.1650420409&ga_sid=1650420413&ga_hid=856103074&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=580&ish=400&ifk=3581017202&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064019&oid=2&pvsid=55169206926762&pem=129&tmod=1527544047&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.9oib94gwgfq&fsb=1&dtd=389
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740840196959600&plah=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:06:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rpc
p-api02.svc.litv.tv/cdi/v2/ Frame 9DEF 		98 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p-api02.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.242.135.3 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
/
Resource Hash
3965e9361a3c6e9732d52eadf14244cd57d1c47e13c02673f6acd81620736c19
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:06:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Access-Control-Allow-Headers
Content-Type
rpc
p-api02.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-api02.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.242.135.3 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Content-Length
0
Date
Wed, 20 Apr 2022 02:06:54 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6C3F 		87 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740840196959600&output=html&h=400&slotname=4874654900&adk=3033242791&adf=2751418291&pi=t.ma~as.4874654900&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420412742&bpp=2&bdt=185&idt=519&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=1&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420413&ga_hid=856103074&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1116&biw=1600&bih=1200&isw=580&ish=400&ifk=3581017202&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064019&oid=2&pvsid=55169206926762&pem=129&tmod=1527544047&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.8m9rx1id11s0&fsb=1&dtd=525
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740840196959600&plah=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c4a100f4fa5ea0213e1159698f3806e4a96aadcb32db2c8865db584adc7d871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
33543
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:06:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
t.ssp.hinet.net/ Frame F825 		36 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
fba9fcae554e343c051c331471b0f36b3ba4a094268562b8d24872835b096b37
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:54 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
ads1.js
fino.svc.litv.tv/ads/ Frame 9DEF 		17 B
472 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fino.svc.litv.tv/ads/ads1.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-9.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af2ac8055983b59c939388ef2b32ef532b5eb338d4f1758be91a125d4f07d83f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
S0gUSQE16svoHk1.rmwu2P08mV03VNo6
via
1.1 28e56b9ddced4ed414e75f87cbd0d976.cloudfront.net (CloudFront)
etag
"8ba19eeed6689e4d7c76742e23055415"
age
12233
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
17
last-modified
Thu, 18 Feb 2021 02:44:24 GMT
server
AmazonS3
date
Tue, 19 Apr 2022 22:45:23 GMT
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P1
accept-ranges
bytes
x-amz-cf-id
ANybkyQZ10xgmujIdAUu-R00Iu0Uy3DT840Aq1H1cIxLxiB7U3JAtQ==
10114832.json
s.yimg.com/wi/config/ Frame F825 		46 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10114832.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
480d5b26935e27640c98365cfc7bd4a663c82d2affb64ffae8a4bf9b01b5e9fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 20:48:29 GMT
x-content-type-options
nosniff
age
19106
x-amz-server-side-encryption
AES256
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
SYYST3NSM71ZR9MD
x-amz-id-2
p3ZEtMiwDP7+fDl7Pwt1AXU3hT1vbfRnDeuN6vjiC8CanfQ4/yNASGX4rnc+iQzAaoWBo3nswmE=
accept-ranges
bytes
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sun, 07 May 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Fri, 01 Apr 2022 21:50:20 GMT
server
ATS
etag
"31991d36d356e76ae58f243f53479582"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
x-amz-version-id
LFheN9jReXK1DR2ArxDz7ZU1RNsU84u3
access-control-allow-origin
*
x-xss-protection
1; mode=block
content-length
46
content-type
application/json
cookie
ads.adaptv.advertising.com/ Frame F825 		0
366 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/cookie?pageUrl=https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=&isTop=false&callback=1
Requested by
Host: redir.adap.tv
URL: https://redir.adap.tv/redir/javascript/lightintegration.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.136.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-136-79.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

server
adaptv/1.0
Connection
keep-alive
Content-Length
0
content-type
text/html
analytics.js
www.google-analytics.com/ Frame F825 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-138079999-6&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6583
date
Wed, 20 Apr 2022 00:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 20 Apr 2022 02:17:11 GMT
main.gr.19.8.299.js
static.adsafeprotected.com/ Frame 559D 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.299.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/996673/61756195/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 20:37:01 GMT
content-encoding
gzip
age
3734994
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Mar 2022 19:11:01 GMT
server
AmazonS3
etag
W/"587738d3e44b43a2620f42eb51d89fbf"
vary
Accept-Encoding
x-amz-version-id
kp2GPcLunARmvxyYiu0RKpd0_UaoR.nW
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
mzenrsIVWtHnb12JNix7-8XmZSdzDIqWC6wMU3oSTMFf-JmYugiL0A==
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 559D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
URL: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 13:57:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216591
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Apr 2023 13:57:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F7DB 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
URL: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72790
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 05:53:44 GMT
etag
48472445140208031
expires
Wed, 20 Apr 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 559D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
169db5a311931701397dd2b8a209e99c70e5c116009296712ad4f627c11ffc66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/9149102723359337108/ Frame 8A81 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
230adde1ad039ba5d92c6a9c31b0644df62bae6128d7d822a3dc047c97185fe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
499830
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1845
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 07:16:24 GMT
expires
Fri, 14 Apr 2023 07:16:24 GMT
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 559D 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvCiRMuz8KbL5y0ogtZkPflzPDC6yFtAYC-w5UaTM4nXW1GAcebyfCARivZ4d2vp-lHjkUtmQDa6TczJUKgDoUV0vAykQXRhwX8Q2ZQsVTMYCH1a6N__RdsTSfhl9P-2ZJKNdQgdKhqC-E-ve_s5vXFnHDn4T9imJD1GYHTgh6POzK3Z1ONZd7VyhRhOu95yTRX-hPsNQCvybGIJps8Jy59k4pvgDXKT-Gb5VRh1mtLarsWZCq__3yYdAvAN-ysl1nI49tdEiOghBfyysoDtUedX9_XnZ9l5FJ6ir04A8AR68jyrG8yQbo_E5X6MDVEle4BYlOLAig96JyheRLZCCpIFODQP1triwYUqw7IfkZcivn8qf1TABvfwIel7mr1sKnUQjRJMBjb7zMOE55pC4v_7QmqksmG1IOs8lE1P8_ZR-uUBZY4TiQIW24CYq_YI5OvQQrPci1LkbX-6Odp6150IjVL8bv63YwjYyGoPYF05f0EHUHVyV778HZRkITviCm0vI-x4sOQyQf5SDgEuLvBQHYgvgWspKkDw6PCtviYSAf16ML1jgjL7fD2ggdIMm4DqpBAQ2wquioKNhkVJtAGGWNh1_N9lB0iMsxwh9u5ZXYO4sZok8WVXAwBHd6FP1ovTFbFBsAKBbdE8bFC4x5xQta7bLccQgRiDhQMblYiA64qoYoXeYxMyOK8_qNIQmgeHQBxiTzfzix1gXes8_swIiupWpj-WE3-YsWbU2TeUi21Tj_GNJjfJVw9YvF-L8Jhfn7T--ZB0QPVQaafGLWfDAqHy4-4V7NIM1LTQFyHgSTish8dW2_F1cbzR85ZmssPGPl2cKI3OAHZ--d6h0wiLGuGRrco-MZ7eTg35qPLN_0WehxDHv9-LyLrPyXfEqNNG6GzYEJCJZCHZgXi6_Yigju5tGb9xOZDqS21vaH61m-PbjMCj3ejw3TUeGPFNfq2-uu3hM0RSrdbXErA3omuwhkoBlYJE26KGkX3uPbfC5GBSIDsZabxcwDBnoNpx8VArOQozSF9ZD8udf7d4rouXAyXirZrWokcI5_sK8adKATCyqaegXEDz66imk3N2mdhsTQzBmhFyeuPB65y8KBcxdamvrbWQpoPO-V5T_dL4Y3opojxaGtBsQ306jymPEyyoFnIaEmNgqTz8gslzM_5Ns8VhQvo_ztVTh4wZZNMtLGN7zoljQkWb3-eq4BXydY6pCB1OlIpALt5EsbsUr47IBHD8w&sai=AMfl-YTq5l2r5FiFr0h-_X21gnmU-gsjRd5-NapUyasaqUetxUXKACUkvQoHN_Y_0B1lm3zIBY_6_wyjGaqGwsCoXb-HdhdlxaWJadTNBF4JBM9E159GwmWfUEP19wPxftpGmnfksPlcIIuz39eEImpi8fwNBOHtvCSAE86uV8TOgXl8G9M6fXpRXxhDwZ5xmFXD7hTgWIooBneiKI1C8OLoag&sig=Cg0ArKJSzHGUK1YzOM9dEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=577&cbvp=1&cstd=573&cisv=r20220413.43387&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Wed, 20 Apr 2022 02:06:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sp.pl
sp.analytics.yahoo.com/ Frame F825 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2020%20Apr%202022%2002%3A06%3A53%20GMT&n=0&.yp=10114832&f=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQ2%7CaGluZXQ%3D&e=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQ2%7CaGluZXQ%3D&enc=UTF-8&yv=1.12.0&isIframe=1&tagmgr=gtm
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:54 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Wed, 20 Apr 2022 02:06:54 GMT
emome2
t.ssp.hinet.net/ Frame F825 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=645f1f83-8da9-451c-b42f-b9f76357727e
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:54 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
generate_204
tpc.googlesyndication.com/ Frame AD89 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?HnWAgw
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
third
ssp.hinet.net/api/web/ Frame 44C2 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/third?c=2017003&s=201707000014&th=29&wc=3179
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:54 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
generate_204
tpc.googlesyndication.com/ Frame F347 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7EalbA
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cm
t.ssp.hinet.net/ Frame F825 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=3d711f&cid=0f1b405b-4e10-4237-a3b5-92e8fa938f2a&mp=645f1f83-8da9-451c-b42f-b9f76357727e
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:54 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
645f1f83-8da9-451c-b42f-b9f76357727e.t.ssp.hinet.net/ Frame F825 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://645f1f83-8da9-451c-b42f-b9f76357727e.t.ssp.hinet.net/pixel?bd=645f1f83-8da9-451c-b42f-b9f76357727e&t=3d711f
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:54 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame 6C3F 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740840196959600&output=html&h=400&slotname=4874654900&adk=3033242791&adf=2751418291&pi=t.ma~as.4874654900&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420412742&bpp=2&bdt=185&idt=519&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=1&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420413&ga_hid=856103074&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1116&biw=1600&bih=1200&isw=580&ish=400&ifk=3581017202&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064019&oid=2&pvsid=55169206926762&pem=129&tmod=1527544047&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.8m9rx1id11s0&fsb=1&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 15:59:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 May 2022 15:59:01 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/ Frame 6C3F 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740840196959600&output=html&h=400&slotname=4874654900&adk=3033242791&adf=2751418291&pi=t.ma~as.4874654900&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420412742&bpp=2&bdt=185&idt=519&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=1&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420413&ga_hid=856103074&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1116&biw=1600&bih=1200&isw=580&ish=400&ifk=3581017202&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064019&oid=2&pvsid=55169206926762&pem=129&tmod=1527544047&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.8m9rx1id11s0&fsb=1&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 15:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36917
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 May 2022 15:51:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame 6C3F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740840196959600&output=html&h=400&slotname=4874654900&adk=3033242791&adf=2751418291&pi=t.ma~as.4874654900&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420412742&bpp=2&bdt=185&idt=519&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=1&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420413&ga_hid=856103074&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1116&biw=1600&bih=1200&isw=580&ish=400&ifk=3581017202&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064019&oid=2&pvsid=55169206926762&pem=129&tmod=1527544047&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.8m9rx1id11s0&fsb=1&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 15:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36757
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 May 2022 15:54:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C3F 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740840196959600&output=html&h=400&slotname=4874654900&adk=3033242791&adf=2751418291&pi=t.ma~as.4874654900&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420412742&bpp=2&bdt=185&idt=519&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=1&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420413&ga_hid=856103074&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1116&biw=1600&bih=1200&isw=580&ish=400&ifk=3581017202&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064019&oid=2&pvsid=55169206926762&pem=129&tmod=1527544047&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.8m9rx1id11s0&fsb=1&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650281421154365"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:06:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame 6C3F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740840196959600&output=html&h=400&slotname=4874654900&adk=3033242791&adf=2751418291&pi=t.ma~as.4874654900&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420412742&bpp=2&bdt=185&idt=519&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=1&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420413&ga_hid=856103074&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1116&biw=1600&bih=1200&isw=580&ish=400&ifk=3581017202&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064019&oid=2&pvsid=55169206926762&pem=129&tmod=1527544047&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.8m9rx1id11s0&fsb=1&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6421
x-xss-protection
0
server
cafe
etag
15269590465493672714
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 May 2022 02:04:58 GMT
3bde1d5944145a46a8b91d920db5ec4d.js
www.gstatic.com/mysidia/ Frame 6C3F 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3bde1d5944145a46a8b91d920db5ec4d.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740840196959600&output=html&h=400&slotname=4874654900&adk=3033242791&adf=2751418291&pi=t.ma~as.4874654900&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420412742&bpp=2&bdt=185&idt=519&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=1&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420413&ga_hid=856103074&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1116&biw=1600&bih=1200&isw=580&ish=400&ifk=3581017202&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064019&oid=2&pvsid=55169206926762&pem=129&tmod=1527544047&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.8m9rx1id11s0&fsb=1&dtd=525
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 15:34:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12194
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 05:04:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 18 Jul 2022 15:34:41 GMT
style.css
s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/ Frame 8A81 		3 KB
817 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb65bd614642c16d36dce88439f71caaa9cfd8c8890d1e4f39476482629b8ff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:16:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
499830
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
788
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 07:16:24 GMT
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/ Frame 8A81 		113 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/TweenMax.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
764918
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33534
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1c274"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aed7kfI9sgsbxKRM5sYYjlKkg7%2B2aPjOElU4KUvGU%2BAI63ayz0CoO8ADwL0V3kQsTdOycbCh6FKwPKXtfcA7fgdRK%2FFJYCsWv0hJvFH6Q%2BbVLyrF1CHkUaoB68qbyeFRlGrSddWvrXf%2BESeVCI0SF3AW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6fea52c7e9bc01f0-ZRH
expires
Mon, 10 Apr 2023 02:06:54 GMT
main.js
s0.2mdn.net/sadbundle/9149102723359337108/javascripts/ Frame 8A81 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/javascripts/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
268e5ad893862a2d3bbbdf6cfcfc7b43e3adbeca4fb5d82cd06e0e2074721fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:16:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
499830
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1082
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 07:16:24 GMT
/
www.facebook.com/tr/ Frame D952 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=271699991685076&ev=Microdata&dl=https%3A%2F%2Ffino.svc.litv.tv%2Facs%2Frts.html&rl=https%3A%2F%2Fplayer.svc.litv.tv%2F&if=true&ts=1650420414015&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22RTS%20App%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&it=1650420411477&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fino.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:54 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 20 Apr 2022 02:06:54 GMT
perf
am-trc-events.taboola.com/salesfrontier-hinet/log/3/ 		0
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/salesfrontier-hinet/log/3/perf?route=AM%3AAM%3AV&lti=forced-qp-6_var1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220417-11_b2-PR-43648-DEV-109130-add-taboola-push-api-to-force-trc_-params-into-json-call-104bbd149d4-SNAPSHOT.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://times.hinet.net
pragma
no-cache
date
Wed, 20 Apr 2022 02:06:54 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
adview
googleads.g.doubleclick.net/pagead/ Frame 6C3F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CtlP7vWpfYojsOsj33wP61a64DfOEhcJosJHvi5YPmZmmzbYQEAEgnYusCWCV4pCCoAegAaTZsdcByAEJqAMByAPLBKoE3QFP0M2bhCg8B1cy0-VEyoS0z2aH9ZWk_opcAeM1Zkf3GKkYwInTM9ete8UCbVO2AD0rrL4fnmm3-uX00HVOTGFqzv58hw9GgM154KzkCohc3Vken4XOilsFQ9c-4Dewcr9CbcPcCKUhDScMeQZJ7ZY-dmX1U9sIem6eMWGiVZj90WvxI1pXLtKEt1fd8L1h5YCwNo41YA9nIXoVwfVPpjcVGCwJm3GMHLDFmTfjCqeG2T-bVffRr4GlqkbFDc0vBMnjbqKjlSqu4mQ7yF26uQZWpG2oAEQ_FpX0mkObQMAEne_Rs-IDkgUECAQYAZIFBAgFGASgBi6AB-bTtt0CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQnPAI0ggJCIDhgBAQARgfgAoByAsB2BMMiBQD0BUBgBcBshccChoIABIUcHViLTE3NDA4NDAxOTY5NTk2MDAYAA&sigh=_mCv4F-XAXk&uach_m=[UACH]&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740840196959600&output=html&h=400&slotname=4874654900&adk=3033242791&adf=2751418291&pi=t.ma~as.4874654900&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420412742&bpp=2&bdt=185&idt=519&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=1&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420413&ga_hid=856103074&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1116&biw=1600&bih=1200&isw=580&ish=400&ifk=3581017202&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064019&oid=2&pvsid=55169206926762&pem=129&tmod=1527544047&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.8m9rx1id11s0&fsb=1&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740840196959600&output=html&h=400&slotname=4874654900&adk=3033242791&adf=2751418291&pi=t.ma~as.4874654900&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420412742&bpp=2&bdt=185&idt=519&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=1&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420413&ga_hid=856103074&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1116&biw=1600&bih=1200&isw=580&ish=400&ifk=3581017202&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064019&oid=2&pvsid=55169206926762&pem=129&tmod=1527544047&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.8m9rx1id11s0&fsb=1&dtd=525
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 20 Apr 2022 02:06:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/5189929810919159451/ Frame 6C3F 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5189929810919159451/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740840196959600&output=html&h=400&slotname=4874654900&adk=3033242791&adf=2751418291&pi=t.ma~as.4874654900&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420412742&bpp=2&bdt=185&idt=519&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=1&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420413&ga_hid=856103074&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1116&biw=1600&bih=1200&isw=580&ish=400&ifk=3581017202&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064019&oid=2&pvsid=55169206926762&pem=129&tmod=1527544047&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.8m9rx1id11s0&fsb=1&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3261e47af41ea32aea740e67ff661f0cb9df3dc6b862a965dd9a8d1b99416a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 14:22:14 GMT
x-content-type-options
nosniff
age
387880
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33743
x-xss-protection
0
last-modified
Sat, 14 Aug 2021 10:06:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 15 Apr 2023 14:22:14 GMT
truncated
/ Frame 6C3F 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
skeleton.js
static.adsafeprotected.com/ Frame 559D
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/996673/61756195/skeleton.js?adsafe_url=https%3A%2F%2Ftimes.hinet.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F24327e10640890d0a908df1a89ac2fa1.safeframe.googl...
  • https://static.adsafeprotected.com/skeleton.js
17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
URL: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:214f:9e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 08:35:57 GMT
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
age
24773458
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
k_nGzJKZlK_B_eY9ENtIHPcCi-5djBCHwDUV3cZNK0cq9VgPxQw7_Q==

Redirect headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:54 GMT
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 2DED 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
URL: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
content-encoding
gzip
age
5486931
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
nYdJISvmL1dCYYTx_j8iRzLlqHVKH1wR92nQvUQ2meQ2gZvTuvV2RQ==
collect
www.google-analytics.com/ Frame F825 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1333604158&t=event&_s=1&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQ2%7CaGluZXQ%3D&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=player&ea=request&_u=QACAAUAB~&jid=&gjid=&cid=34940685.1650420411&tid=UA-138079999-6&_gid=2004260237.1650420411&gtm=2ou4i1&z=918576751
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 00:01:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7527
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame F825 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1333604158&t=event&_s=1&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQ2%7CaGluZXQ%3D&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=player&ea=request&_u=QACAAUAB~&jid=&gjid=&cid=34940685.1650420411&uid=0f1b405b-4e10-4237-a3b5-92e8fa938f2a&tid=UA-138079999-10&_gid=2004260237.1650420411&gtm=2ou4i1&z=1084253126
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 00:01:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7527
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame F825 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1333604158&t=event&_s=2&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQ2%7CaGluZXQ%3D&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=player&ea=impression&_u=QACAAUAB~&jid=&gjid=&cid=34940685.1650420411&tid=UA-138079999-6&_gid=2004260237.1650420411&gtm=2ou4i1&z=269139306
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 00:01:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7527
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame F825 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1333604158&t=event&_s=2&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQ2%7CaGluZXQ%3D&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=player&ea=impression&_u=QACAAUAB~&jid=&gjid=&cid=34940685.1650420411&uid=0f1b405b-4e10-4237-a3b5-92e8fa938f2a&tid=UA-138079999-10&_gid=2004260237.1650420411&gtm=2ou4i1&z=1419089344
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 00:01:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7527
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F7DB
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMIsc2XGYqluwsMFe_WSp9I&google_cver=1&google_push=AYg5qPIANgOdlJ0X3aacXUySbswl5IbZw80_v6A0cryxwH6HEK028hizSn...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIANgOdlJ0X3aacXUySbswl5IbZw80_v6A0cryxwH6HEK028hizSnJmyTUTZ8sCXySpo5PMB_b3LsKf9XYpeGJQ_xxRUb5F&google_hm=4Xfhv2FTLXwt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIANgOdlJ0X3aacXUySbswl5IbZw80_v6A0cryxwH6HEK028hizSnJmyTUTZ8sCXySpo5PMB_b3LsKf9XYpeGJQ_xxRUb5F&google_hm=4Xfhv2FTLXwtWGktNPRKTw
Requested by
Host: 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
URL: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIANgOdlJ0X3aacXUySbswl5IbZw80_v6A0cryxwH6HEK028hizSnJmyTUTZ8sCXySpo5PMB_b3LsKf9XYpeGJQ_xxRUb5F&google_hm=4Xfhv2FTLXwtWGktNPRKTw
pragma
no-cache
date
Wed, 20 Apr 2022 02:06:54 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F7DB
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEBRrILT_-tFmwu1iT17rtUs&google_cver=1&google_push=AYg5qPK8vq2Q7WobQg962OwZ7Hs481vevMavIONiiwo8v6yFdwl5mLxz7GwennNzje1l_rjFc2ha-gRxzBUYH4Yfmu-wHBZtNg3JOw
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPK8vq2Q7WobQg962OwZ7Hs481vevMavIONiiwo8v6yFdwl5mLxz7GwennNzje1l_rjFc2ha-gRxzBUYH4Yfmu-wHBZtNg3JOw&google_hm=Q0FFU0VCUnJJTFRfLXR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPK8vq2Q7WobQg962OwZ7Hs481vevMavIONiiwo8v6yFdwl5mLxz7GwennNzje1l_rjFc2ha-gRxzBUYH4Yfmu-wHBZtNg3JOw&google_hm=Q0FFU0VCUnJJTFRfLXRGbXd1MWlUMTdydFVz
Requested by
Host: 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
URL: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 02:06:54 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPK8vq2Q7WobQg962OwZ7Hs481vevMavIONiiwo8v6yFdwl5mLxz7GwennNzje1l_rjFc2ha-gRxzBUYH4Yfmu-wHBZtNg3JOw&google_hm=Q0FFU0VCUnJJTFRfLXRGbXd1MWlUMTdydFVz
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F7DB
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJxWr-FfRD3xrcfZizjQc90T1HxD7zMi2YfZRYmPNFhuFPHf9NTB7wObaPyhGZOJtvGAq7pdvvFsqbiQ8z8qfxUQwy81WaMiA&google_gid=CAESELULovubTG-T5E-2mxtWiak&g...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCL7V_ZIGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BWWc1cVBKeFdyLUZmUkQzeHJjZlppempRYzkwVDFIeEQ3ek1pMllmWlJZbVBORmh1RlBIZjlOVEI3d09iYVB5aEdaT0p0dkdBcTdwZHZ2RnNxYmlROH...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTzhiMDVnQndmclVpQWNOM0pJWjVlTWpMYnVrQ3ViVTFkTHpCUmhBMHpuTQ==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTzhiMDVnQndmclVpQWNOM0pJWjVlTWpMYnVrQ3ViVTFkTHpCUmhBMHpuTQ==&google_push
Requested by
Host: 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
URL: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 20 Apr 2022 02:06:55 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTzhiMDVnQndmclVpQWNOM0pJWjVlTWpMYnVrQ3ViVTFkTHpCUmhBMHpuTQ==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame F7DB
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ38L19...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ38L19...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MjAwMjA3MDAwMDA4MDU2NzU4NjQ4MA%3D%3D&google_push=AYg5qPJ38L19TtP39vNQbxJl_PTCYkyrwZ0A63EtyOVncuM8ljV7YinWv8O4rfLl5n65eI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MjAwMjA3MDAwMDA4MDU2NzU4NjQ4MA%3D%3D&google_push=AYg5qPJ38L19TtP39vNQbxJl_PTCYkyrwZ0A63EtyOVncuM8ljV7YinWv8O4rfLl5n65eIgwC_DQPZ5r1z8gscvyjZxxuRvETfcAeg
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MjAwMjA3MDAwMDA4MDU2NzU4NjQ4MA%3D%3D&google_push=AYg5qPJ38L19TtP39vNQbxJl_PTCYkyrwZ0A63EtyOVncuM8ljV7YinWv8O4rfLl5n65eIgwC_DQPZ5r1z8gscvyjZxxuRvETfcAeg
pragma
no-cache
date
Wed, 20 Apr 2022 02:07:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Wed, 20 Apr 2022 02:07:00 GMT
dds
rtb.openx.net/sync/ Frame F7DB 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEA7vUIiKNt6hPdnhvlWHkZE&google_cver=1&google_push=AYg5qPIgzScHnr0q-cYL9fFe-UatpvwQs5X6wDXo20qV_9ZXDam6U6fzsQ-k6eCNcjKoXxUr-4iDOwHvmLfTSYgl62MKxmuf1U4j
Requested by
Host: 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
URL: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:54 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
86253mctslih4k9k3na74v4479q32cj4
pixel
cm.g.doubleclick.net/ Frame F7DB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4Ueyoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4Ueyoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4Ueyoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4Ueyoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4Ueyoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4Ueyoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4Ueyoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4Ueyoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4Ueyoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4Ueyoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4Ueyoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4Ueyoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4Ueyoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4Ueyoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4Ueyoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4Ueyoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4Ueyoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4Ueyoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4Ueyoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4Ueyoa...
0
0
pixel
cm.g.doubleclick.net/ Frame F7DB
Redirect Chain
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEP2VsMJ7k6sfjbUwZl5zS-U&google_cver=1&google_push=AYg5qPLxZ0io8yBMNyLkAC3I7Tu3A0Lmza1xjyFenlWksoOlhjh5AHxd3uai5NAD3gP_TTwQK0GyVIxM4katUIuKnb2TY3m...
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLxZ0io8yBMNyLkAC3I7Tu3A0Lmza1xjyFenlWksoOlhjh5AHxd3uai5NAD3gP_TTwQK0GyVIxM4katUIuKnb2TY3mJC_dy5w&google_hm=jDJnIroMR_6oXB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLxZ0io8yBMNyLkAC3I7Tu3A0Lmza1xjyFenlWksoOlhjh5AHxd3uai5NAD3gP_TTwQK0GyVIxM4katUIuKnb2TY3mJC_dy5w&google_hm=jDJnIroMR_6oXB78XdNV9g
Requested by
Host: 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
URL: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLxZ0io8yBMNyLkAC3I7Tu3A0Lmza1xjyFenlWksoOlhjh5AHxd3uai5NAD3gP_TTwQK0GyVIxM4katUIuKnb2TY3mJC_dy5w&google_hm=jDJnIroMR_6oXB78XdNV9g
pragma
no-cache
date
Wed, 20 Apr 2022 02:06:54 GMT
cache-control
no-cache
content-length
0
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame F7DB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JvG_Nv-zRE1ZCC2QZtxOBLL-aMScdCpw7GHDT52kqcbhSj6ULLJQ6lVB_apZ-TsXPj8cK9
Requested by
Host: 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
URL: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dt
dt.adsafeprotected.com/ Frame 559D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=ff7f3f86-8b20-298b-9621-314a39f83ee1&tv=%7Bc:ahReM1,pingTime:-3,time:689,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:596%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:690,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:596,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B122~0%5D,as:%5B122~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t3vtRn2+1111%7C112%7C1131%7C114%7C1211%7C1212%7C12131%7C12132%7C12133%7C1214%7C1215%7C122%7C123%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a14%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p%7C1q*.996673-61756195%7C1q1%7C1q2%7C1q3,idMap:1q*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by
Host: 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
URL: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.43.225 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-43-225.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:55 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 559D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=ff7f3f86-8b20-298b-9621-314a39f83ee1&tv=%7Bc:ahReM4,pingTime:-6,time:692,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:692,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:596,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B124~0%5D,as:%5B124~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t3vtRn2+1111%7C112%7C1131%7C114%7C1211%7C1212%7C12131%7C12132%7C12133%7C1214%7C1215%7C122%7C123%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a14%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p%7C1q*.996673-61756195%7C1q1%7C1q2%7C1q3,idMap:1q*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:times.hinet.net*&br=c
Requested by
Host: 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
URL: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.43.225 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-43-225.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:55 GMT
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5119 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
58724
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 09:48:10 GMT
expires
Wed, 19 Apr 2023 09:48:10 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 061F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740840196959600&output=html&h=400&slotname=4874654900&adk=3033242791&adf=2751418291&pi=t.ma~as.4874654900&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420412742&bpp=2&bdt=185&idt=519&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=1&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420413&ga_hid=856103074&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1116&biw=1600&bih=1200&isw=580&ish=400&ifk=3581017202&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064019&oid=2&pvsid=55169206926762&pem=129&tmod=1527544047&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.8m9rx1id11s0&fsb=1&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72790
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 05:53:44 GMT
etag
48472445140208031
expires
Wed, 20 Apr 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bg.jpg
s0.2mdn.net/sadbundle/9149102723359337108/images/ Frame 8A81 		198 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/images/bg.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ede6ee6355f711871726a1c7a94e36a4f508b56e05c37de1602ad46da690eff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:16:24 GMT
x-content-type-options
nosniff
age
499830
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202513
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 07:16:24 GMT
push0.png
s0.2mdn.net/sadbundle/9149102723359337108/images/ Frame 8A81 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/images/push0.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff38ba014a57ef8527b62cf11a5eaa8b6260495a58ff8fd32fdd686e64625a47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:16:24 GMT
x-content-type-options
nosniff
age
499830
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2819
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 07:16:24 GMT
push1.png
s0.2mdn.net/sadbundle/9149102723359337108/images/ Frame 8A81 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/images/push1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e77a884b41aef255722a9188a640a0916b737d8c6831efc386bd538c6600d08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:16:24 GMT
x-content-type-options
nosniff
age
499830
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2959
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 07:16:24 GMT
bg1b.jpg
s0.2mdn.net/sadbundle/9149102723359337108/images/ Frame 8A81 		171 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/images/bg1b.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c20311694b3218fb21981ff0b0a5298438796bf2f9c947c0c3310289706f69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:16:24 GMT
x-content-type-options
nosniff
age
499830
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
175240
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 07:16:24 GMT
push2.png
s0.2mdn.net/sadbundle/9149102723359337108/images/ Frame 8A81 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/images/push2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0617c3ac206390ae74a69154b3d93391017721ed1e352b35fd1c93c1f29aac57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:16:24 GMT
x-content-type-options
nosniff
age
499830
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3689
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 07:16:24 GMT
logo_intro.png
s0.2mdn.net/sadbundle/9149102723359337108/images/ Frame 8A81 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/images/logo_intro.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3229f4a81ecdb67f29957de2b126b91a33e9c275adc4b3367b7e8b3fb42de5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:16:24 GMT
x-content-type-options
nosniff
age
499830
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9032
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 07:16:24 GMT
bg2.jpg
s0.2mdn.net/sadbundle/9149102723359337108/images/ Frame 8A81 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/images/bg2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d88cfafe21cca9338a04f0588f851560efa7f2a2cb28dcc12170dcd37303c218
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:16:24 GMT
x-content-type-options
nosniff
age
499830
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118708
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 07:16:24 GMT
bg2b.png
s0.2mdn.net/sadbundle/9149102723359337108/images/ Frame 8A81 		142 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/images/bg2b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
514578a1d50f71241d0f5c90a83291a9597087356d934d7652ce05070048b9b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:16:24 GMT
x-content-type-options
nosniff
age
499830
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145652
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 07:16:24 GMT
push3.png
s0.2mdn.net/sadbundle/9149102723359337108/images/ Frame 8A81 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/images/push3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d947d508ff3e7840447afa02b4d163c784e585f5a7517a2c2a40564eca28016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 06:52:54 GMT
x-content-type-options
nosniff
age
69241
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3277
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Apr 2023 06:52:54 GMT
bg3.jpg
s0.2mdn.net/sadbundle/9149102723359337108/images/ Frame 8A81 		283 KB
283 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/images/bg3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
171ba96cb019bfc352dd4beec42b67513d0283d028755938ca5f036340921023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:16:24 GMT
x-content-type-options
nosniff
age
499831
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290151
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 07:16:24 GMT
bg3b.png
s0.2mdn.net/sadbundle/9149102723359337108/images/ Frame 8A81 		176 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/images/bg3b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edfa73970e1842a8542aaa2846334d7f5eabb263024910f1ecfbbe92c068d4ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:16:24 GMT
x-content-type-options
nosniff
age
499831
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
180219
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 07:16:24 GMT
push4.png
s0.2mdn.net/sadbundle/9149102723359337108/images/ Frame 8A81 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/images/push4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b754481a5f5a7f79a133427c73476db19d2a781b05d86b37081f591f41467f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:16:24 GMT
x-content-type-options
nosniff
age
499831
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3144
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 07:16:24 GMT
push6.png
s0.2mdn.net/sadbundle/9149102723359337108/images/ Frame 8A81 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/images/push6.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ba2173d6a7322cbdaf54a1edf6c31903d3b2f0fdbb03411230402ac1a2b3257
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 22:33:35 GMT
x-content-type-options
nosniff
age
272000
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1674
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Apr 2023 22:33:35 GMT
push6b.png
s0.2mdn.net/sadbundle/9149102723359337108/images/ Frame 8A81 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/images/push6b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
026649e35eb8357f00fba5d9ced4df29707245f0c274426738472676ffc10502
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:16:24 GMT
x-content-type-options
nosniff
age
499831
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20100
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 07:16:24 GMT
push6c.png
s0.2mdn.net/sadbundle/9149102723359337108/images/ Frame 8A81 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/images/push6c.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0ecd798e7765210a4923a3ea4dd97435f751c35127a44d4f43accf47ad1e86b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:16:24 GMT
x-content-type-options
nosniff
age
499831
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2348
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 07:16:24 GMT
push6d.png
s0.2mdn.net/sadbundle/9149102723359337108/images/ Frame 8A81 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/images/push6d.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfff1940a635c5ff12a173880a88872c1120739c0336c9d952fcab04ba0b3652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:16:24 GMT
x-content-type-options
nosniff
age
499831
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1626
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 07:16:24 GMT
push7.png
s0.2mdn.net/sadbundle/9149102723359337108/images/ Frame 8A81 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/images/push7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff38ba014a57ef8527b62cf11a5eaa8b6260495a58ff8fd32fdd686e64625a47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:16:24 GMT
x-content-type-options
nosniff
age
499831
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2819
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 07:16:24 GMT
cta.png
s0.2mdn.net/sadbundle/9149102723359337108/images/ Frame 8A81 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/images/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fc08e0d8fbce025a4ff119b0ff3e2fbbe94954fb39f136e293830446c27acd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:16:24 GMT
x-content-type-options
nosniff
age
499831
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1977
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 07:16:24 GMT
arrow.png
s0.2mdn.net/sadbundle/9149102723359337108/images/ Frame 8A81 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/images/arrow.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edd65e922fed9ee65b9550d725ecafb1b3c03ff4ca7f80910e9b6657a9fe1036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:16:24 GMT
x-content-type-options
nosniff
age
499831
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1140
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 07:16:24 GMT
cta_hover.png
s0.2mdn.net/sadbundle/9149102723359337108/images/ Frame 8A81 		99 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9149102723359337108/images/cta_hover.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae829f91c5894fabf92675d9ccf31d618cd5e4d9a518274c532a727d71e8b3ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9149102723359337108/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:16:24 GMT
x-content-type-options
nosniff
age
499831
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 23:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 07:16:24 GMT
index.m3u8
lispeedtest.akamaized.net/ppninstead/ Frame 9DEF 		409 B
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lispeedtest.akamaized.net/ppninstead/index.m3u8
Requested by
Host: jsmodule.svc.litv.tv
URL: https://jsmodule.svc.litv.tv/videojs/video.novtt.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:4::b818:4dc1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
adc24d49794343c273a5590a066402c375609835dc12f5a9109ff84c28e6159e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:06:55 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Connection
keep-alive
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
193
Akamai-Mon-Iucid-Del
835817
Last-Modified
Fri, 11 Dec 2020 02:58:53 GMT
Server
AkamaiNetStorage
ETag
"c5f6ed62c761989453d6e4f50db9d7b4:1607655533.784548"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=25991365
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
dt
dt.adsafeprotected.com/ Frame 559D 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=ff7f3f86-8b20-298b-9621-314a39f83ee1&tv=%7Bc:ahReO3,pingTime:-2,time:815,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:342,bdZ:505,beA:850,beZ:852,mfA:1411,cmA:1414,inA:1414,inZ:1422,prA:1422,prZ:1439,si:1448,poA:1449,poZ:1478,cmZ:1478,mfZ:1478,loA:1542,loZ:1546,ltA:1665,ltZ:1665%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:596%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:815,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:596,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B247~0%5D,as:%5B247~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t3vtRn2+1111%7C112%7C1131%7C114%7C1211%7C1212%7C12131%7C12132%7C12133%7C1214%7C1215%7C122%7C123%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a14%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p%7C1q*.996673-61756195%7C1q1%7C1q2%7C1q3,idMap:1q*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:216,readyFired:true%7D&br=c
Requested by
Host: 24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
URL: https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.43.225 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-43-225.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:55 GMT
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
truncated
/ Frame 6C3F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b789b890c6639b7dcb1700a2ac34d6784c9980958ce492f0a5240a53d485bf2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
b181c612-efe0-491d-9e3b-4eb3ec178a5c
https://player.svc.litv.tv/ Frame 9DEF 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://player.svc.litv.tv/b181c612-efe0-491d-9e3b-4eb3ec178a5c
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d417cd3bf0128d55b58754b4053caaa0c512e877f332ed1c8b805f75ad702955

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
4896
Content-Type
application/javascript
3c9ca836-4fdb-4de1-bb2d-eaa2aa0e8436
https://player.svc.litv.tv/ Frame 9DEF 		68 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://player.svc.litv.tv/3c9ca836-4fdb-4de1-bb2d-eaa2aa0e8436
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a27ec72f8b9a4a8055041ff9a586cb93675a9f990a3f0c40edf5a08bb998e305

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
69536
Content-Type
application/javascript
9cf719cb-0e2e-4041-a1b7-b81f755bb074
https://player.svc.litv.tv/ Frame 9DEF 		68 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://player.svc.litv.tv/9cf719cb-0e2e-4041-a1b7-b81f755bb074
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a27ec72f8b9a4a8055041ff9a586cb93675a9f990a3f0c40edf5a08bb998e305

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
69536
Content-Type
application/javascript
view
googleads4.g.doubleclick.net/pcs/ Frame 559D 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvCiRMuz8KbL5y0ogtZkPflzPDC6yFtAYC-w5UaTM4nXW1GAcebyfCARivZ4d2vp-lHjkUtmQDa6TczJUKgDoUV0vAykQXRhwX8Q2ZQsVTMYCH1a6N__RdsTSfhl9P-2ZJKNdQgdKhqC-E-ve_s5vXFnHDn4T9imJD1GYHTgh6POzK3Z1ONZd7VyhRhOu95yTRX-hPsNQCvybGIJps8Jy59k4pvgDXKT-Gb5VRh1mtLarsWZCq__3yYdAvAN-ysl1nI49tdEiOghBfyysoDtUedX9_XnZ9l5FJ6ir04A8AR68jyrG8yQbo_E5X6MDVEle4BYlOLAig96JyheRLZCCpIFODQP1triwYUqw7IfkZcivn8qf1TABvfwIel7mr1sKnUQjRJMBjb7zMOE55pC4v_7QmqksmG1IOs8lE1P8_ZR-uUBZY4TiQIW24CYq_YI5OvQQrPci1LkbX-6Odp6150IjVL8bv63YwjYyGoPYF05f0EHUHVyV778HZRkITviCm0vI-x4sOQyQf5SDgEuLvBQHYgvgWspKkDw6PCtviYSAf16ML1jgjL7fD2ggdIMm4DqpBAQ2wquioKNhkVJtAGGWNh1_N9lB0iMsxwh9u5ZXYO4sZok8WVXAwBHd6FP1ovTFbFBsAKBbdE8bFC4x5xQta7bLccQgRiDhQMblYiA64qoYoXeYxMyOK8_qNIQmgeHQBxiTzfzix1gXes8_swIiupWpj-WE3-YsWbU2TeUi21Tj_GNJjfJVw9YvF-L8Jhfn7T--ZB0QPVQaafGLWfDAqHy4-4V7NIM1LTQFyHgSTish8dW2_F1cbzR85ZmssPGPl2cKI3OAHZ--d6h0wiLGuGRrco-MZ7eTg35qPLN_0WehxDHv9-LyLrPyXfEqNNG6GzYEJCJZCHZgXi6_Yigju5tGb9xOZDqS21vaH61m-PbjMCj3ejw3TUeGPFNfq2-uu3hM0RSrdbXErA3omuwhkoBlYJE26KGkX3uPbfC5GBSIDsZabxcwDBnoNpx8VArOQozSF9ZD8udf7d4rouXAyXirZrWokcI5_sK8adKATCyqaegXEDz66imk3N2mdhsTQzBmhFyeuPB65y8KBcxdamvrbWQpoPO-V5T_dL4Y3opojxaGtBsQ306jymPEyyoFnIaEmNgqTz8gslzM_5Ns8VhQvo_ztVTh4wZZNMtLGN7zoljQkWb3-eq4BXydY6pCB1OlIpALt5EsbsUr47IBHD8w&sai=AMfl-YTq5l2r5FiFr0h-_X21gnmU-gsjRd5-NapUyasaqUetxUXKACUkvQoHN_Y_0B1lm3zIBY_6_wyjGaqGwsCoXb-HdhdlxaWJadTNBF4JBM9E159GwmWfUEP19wPxftpGmnfksPlcIIuz39eEImpi8fwNBOHtvCSAE86uV8TOgXl8G9M6fXpRXxhDwZ5xmFXD7hTgWIooBneiKI1C8OLoag&sig=Cg0ArKJSzHGUK1YzOM9dEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1583&vt=11&dtpt=1006&dett=3&cstd=573&cisv=r20220413.43387&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:06:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
vod44682-000000M001_400K.m3u8
lispeedtest.akamaized.net/ppninstead/ Frame 9DEF 		1 KB
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lispeedtest.akamaized.net/ppninstead/vod44682-000000M001_400K.m3u8
Requested by
Host: jsmodule.svc.litv.tv
URL: https://jsmodule.svc.litv.tv/videojs/video.novtt.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a02:26f0:3500:4::b818:4dc1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5b685aa3b92ad997c10e92e89a5a58e48e97f8811fd5692d19c2e4ee362f7fb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:55 GMT
content-encoding
gzip
vary
Accept-Encoding
akamai-mon-iucid-del
835817
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
207
last-modified
Fri, 11 Dec 2020 02:53:09 GMT
server
AkamaiNetStorage
etag
"61dc79198f20eec8e3864f781758133b:1607655189.707641"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control
max-age=27988344
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
quic-version
Q050
pixel
cm.g.doubleclick.net/ Frame 061F
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMIsc2XGYqluwsMFe_WSp9I&google_cver=1&google_push=AYg5qPJ7lfJmCgbm-WtA_hwhcXDNCsnKRI4f6BesC1eMYS13iOAPhtvAQp...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJ7lfJmCgbm-WtA_hwhcXDNCsnKRI4f6BesC1eMYS13iOAPhtvAQpMPbqWfDRkF9ACkPKK6v_UESoek8YbwkhyZBVSLmvk&google_hm=4Xfhv2FTLXwtW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJ7lfJmCgbm-WtA_hwhcXDNCsnKRI4f6BesC1eMYS13iOAPhtvAQpMPbqWfDRkF9ACkPKK6v_UESoek8YbwkhyZBVSLmvk&google_hm=4Xfhv2FTLXwtWGktNPRKTw
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJ7lfJmCgbm-WtA_hwhcXDNCsnKRI4f6BesC1eMYS13iOAPhtvAQpMPbqWfDRkF9ACkPKK6v_UESoek8YbwkhyZBVSLmvk&google_hm=4Xfhv2FTLXwtWGktNPRKTw
pragma
no-cache
date
Wed, 20 Apr 2022 02:06:55 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 061F
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJpnw0JvPMPRlDcgE8lgA-D6VuS9xqKgDmBGXg...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWw5cXZ3QUFBSm56b1FQMA&google_push=AYg5qPJpnw0JvPMPRlDcgE8lgA-D6VuS9xqKgDmBGXgOSXx7w3XOCk2b1vGlc9BZyPVLiCrkW50J3QxbK6CAniysTUM-UV2OgLJF
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWw5cXZ3QUFBSm56b1FQMA&google_push=AYg5qPJpnw0JvPMPRlDcgE8lgA-D6VuS9xqKgDmBGXgOSXx7w3XOCk2b1vGlc9BZyPVLiCrkW50J3QxbK6CAniysTUM-UV2OgLJF
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWw5cXZ3QUFBSm56b1FQMA&google_push=AYg5qPJpnw0JvPMPRlDcgE8lgA-D6VuS9xqKgDmBGXgOSXx7w3XOCk2b1vGlc9BZyPVLiCrkW50J3QxbK6CAniysTUM-UV2OgLJF
Date
Wed, 20 Apr 2022 02:06:55 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
dds
rtb.openx.net/sync/ Frame 061F 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEA7vUIiKNt6hPdnhvlWHkZE&google_cver=1&google_push=AYg5qPK9ywNbgWAC_t203olNizuzif1UVHJsxrS-ow8DuxeOub0B1GTg0KJ-S6RIU7xTHJq4fu-dXR8KwiB1toPxnmdt-qLjM5I7
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740840196959600&output=html&h=400&slotname=4874654900&adk=3033242791&adf=2751418291&pi=t.ma~as.4874654900&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420412742&bpp=2&bdt=185&idt=519&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=1&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420413&ga_hid=856103074&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1116&biw=1600&bih=1200&isw=580&ish=400&ifk=3581017202&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064019&oid=2&pvsid=55169206926762&pem=129&tmod=1527544047&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.8m9rx1id11s0&fsb=1&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:06:54 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
3216e480ldssi9stfldrq29465ns14f6
pixel
cm.g.doubleclick.net/ Frame 061F
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IoyaC54qQz6mybnIeIjyzQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IoyaC54qQz6mybnIeIjyzQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI4XaoKBamjJL1wD604HbvEsY0W1f2MBtNaDPE7rgYgkSjw9dEdweKBtWxSiQAqd-OBsECjIphmDtx2QAl-58CcV772w6Yv
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IoyaC54qQz6mybnIeIjyzQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI4XaoKBamjJL1wD604HbvEsY0W1f2MBtNaDPE7rgYgkSjw9dEdweKBtWxSiQAqd-OBsECjIphmDtx2QAl-58CcV772w6Yv
date
Wed, 20 Apr 2022 02:06:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 061F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKNqyZwWUM33eFnGlhHyw4Y&google_cver=1&google_push=AYg5qPKFLspwoHt86WeEii0G9re3BI-ZwSRwzGxyUkF7jKYKWlALpglciy9tnQzSFuq9YPm9WVp...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI2WFBBU1ktMUktRExVMQ==&google_push=AYg5qPKFLspwoHt86WeEii0G9re3BI-ZwSRwzGxyUkF7jKYKWlALpglciy9tnQzSFuq9YPm9WVpi_AcW7CZKetdYLDX33upNPNfj
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI2WFBBU1ktMUktRExVMQ==&google_push=AYg5qPKFLspwoHt86WeEii0G9re3BI-ZwSRwzGxyUkF7jKYKWlALpglciy9tnQzSFuq9YPm9WVpi_AcW7CZKetdYLDX33upNPNfj
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI2WFBBU1ktMUktRExVMQ==&google_push=AYg5qPKFLspwoHt86WeEii0G9re3BI-ZwSRwzGxyUkF7jKYKWlALpglciy9tnQzSFuq9YPm9WVpi_AcW7CZKetdYLDX33upNPNfj
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 061F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStA...
0
0
googleredir
googlecm.hit.gemius.pl/ Frame 061F 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 061F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IjpDw8XdXP40s5jwEnIg3Bne3TlDftyCwhtbyd0EYbSxFtGpmKXOMwSgGkC0FjBVwrkN9eWg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740840196959600&output=html&h=400&slotname=4874654900&adk=3033242791&adf=2751418291&pi=t.ma~as.4874654900&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420412742&bpp=2&bdt=185&idt=519&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=1&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420413&ga_hid=856103074&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1116&biw=1600&bih=1200&isw=580&ish=400&ifk=3581017202&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064019&oid=2&pvsid=55169206926762&pem=129&tmod=1527544047&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.8m9rx1id11s0&fsb=1&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6435 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220413&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740840196959600&plah=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d1738db6f84bb15b18364962c006018149ed343f1d08fbe9e8a19ef836bdbdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:06:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10563
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 44C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041301&jk=1580441317644711&bg=!6eql6q7NAAZvJBiFTyQ7ACkAdvg8Wtvg4W31SWLA6X9IU_OkrmSzw9AO9yT-tvM2ObPl8wgnfoYwugIAAAOCUgAAAAloAQcKAKujW_HiF2r3YPd6-u_VGLztaF_5gbjpbngmXvK6A7Vf9F7RA0MxdqYTHlzAfRXqGY6g8yNVE65ML71oRMI41kQoiQRgj-lGDhjNC_zFcLG70Jdv5S9CGCabr4mFzLOI-bCeFNNOpqJuNMtEKs2O_v1nmJIXtegsmfHTRQ2_4JoAvw5HM58DJtwl-zr4HF_tuPfBs3qjrDFSvmgnC2NhjGi-JJUrQUo4ztzQfLiZArYqM5J-qXer4sK0v_81QaLyMykM8ClQGZw4rW9EOKOxkQg4Cq5wir5126pHZvKuU-xdnuOwnej5bNl7208KAG-hj2d05y9k6CfFr7o1B3MA-NKjP99oTz4gELxZ7Ni7jW59DhvW39C6WJhtppH1re4JytXin6FE_HOcE7wZ2b_QyZ0WRLmOe2BLbPMnbmkx95uSMI5t3ta3w-E_ZKcIMqYnWIcrWsObTT9xfrrYht2Z8Qi4tF9Y1J2BF0FHiiXxshQRjYxmVemYnTqY-E4cXoCqnjZfzKsKrlGKibS_7jraB9VyH9RT6_2yXfuMjFKWZNJNQpsmrHVj36dl2X-W8JQRyxpEWRJwli_EDXjvQynRqUKmfEhXIAH_03CbbU68nUwmrsixpB2of_k6g7fuvEWRFr_VnCSG8Lj9BeOEZ4GbPU4XUxQ6R3EfK8wq-rABV9EFYwhMOonN4Ja5e0K2EdTNSr6kZbG6Pb2deDFtJ5mDgu9sNqfV_uy4BB7DQgQJBzDWjgXH8daPZiy8eB5ecB6eATqdxTez71kpPk0vFKnWcVW1YzwAOK2L6N8VPxZ-8_UjoaIOynMtERmxJ1MDHqCV0-cK1PZjSGwQqXPPiZ0bNtNiMr5GUcPK_kZeSn0QQ_5QV2zjlkW0AcmKH6ZdrdvG8cBogjcBQ6q2GTUIfD9C7PxTmIycCgzgzdzUpaonKS6WfCxUPjSH8mau0i4VB4H9COvnX_D9NRPplyFmb3NlmVc59VC_r3ooc2qBTwOUcyNmQV3fKruVU75p6Uf5Ov9F28hqKQNjXn_WioHBZZj14S2SBHhVyixCcBsovPlkto43W8Hw8teKu08c0VM9iLKUJJ6a_hnE1sU28vMGzczqXap9gMipCyFGuC2qQ1v9PYL-YuAc7HCRO2WtjqAnLDbZ9Y_PqE2M
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
pagead2.googlesyndication.com/bg/ Frame 5119 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 21:22:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
17046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 21:22:49 GMT
json
ssp.hinet.net/api/web/request/ 		17 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017034&s=201702000017&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&ad=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&t=1650420408428&oi=rakLx&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017034%26s%3D201702000017%26u%3D7536927f-270b-7ca0-ddf6-9ac9caf6ad67%26ad%3D7536927f-270b-7ca0-ddf6-9ac9caf6ad67%26t%3D1650420408428%26oi%3DrakLx%26site%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F23869533
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e091e49dfd6df3afa2eadfb799c8703d4de4181707813348004d335bccf5f0a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Wed, 20 Apr 2022 02:06:55 GMT
access-control-allow-credentials
true
server
nginx
content-length
17
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
request
ssp.hinet.net/api/web/ 		510 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request?c=2017034&s=201702000017&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&ad=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&t=1650420408428&oi=nZjHL&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&o=csScp
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
49539702a839fc0fefc0552e74757c1500a602734fbd4a4d6d3d815b7cb9af54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:56 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
json
ssp.hinet.net/api/web/request/ 		539 B
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017034&s=201702000074&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&ad=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&t=1650420408428&oi=X3GNT&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017034%26s%3D201702000074%26u%3D7536927f-270b-7ca0-ddf6-9ac9caf6ad67%26ad%3D7536927f-270b-7ca0-ddf6-9ac9caf6ad67%26t%3D1650420408428%26oi%3DX3GNT%26site%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F23869533
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
89826c702b6218ec61ed1341f78d3d7594893300e4b8789040c22ce29721a43e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Wed, 20 Apr 2022 02:06:56 GMT
access-control-allow-credentials
true
server
nginx
content-length
539
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
request
ssp.hinet.net/api/web/ 		644 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request?c=2017034&s=201702000074&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&ad=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&t=1650420408428&oi=2chOu&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&o=VmYxL
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
d2598c87596c951d3ed95cb8d725669d12783890d657953552571aa563b852be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:56 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
json
ssp.hinet.net/api/web/request/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017003&s=201702000041&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&ad=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&t=1650420408428&oi=J2Yru&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017003%26s%3D201702000041%26u%3D7536927f-270b-7ca0-ddf6-9ac9caf6ad67%26ad%3D7536927f-270b-7ca0-ddf6-9ac9caf6ad67%26t%3D1650420408428%26oi%3DJ2Yru%26site%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F23869533
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
a907b5d217cc55e8569c8c1f2026b66f12337525f79315ff1ee5edcf48817f96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Wed, 20 Apr 2022 02:06:57 GMT
access-control-allow-credentials
true
server
nginx
content-length
1087
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
request
ssp.hinet.net/api/web/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request?c=2017003&s=201702000041&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&ad=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&t=1650420408428&oi=UJhu9&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&o=OBbko
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
057dc6635045deb290a366da0e3df6afb2bc6b410b939e04e455b24c27d7b3ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:57 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
jquery-1.9.1.min.js
code.jquery.com/ Frame 6597 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.9.1.min.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
https://times.hinet.net/
Origin
https://times.hinet.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:57 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-169d5"
vary
Accept-Encoding
x-hw
1650420417.dop135.fr8.t,1650420417.cds281.fr8.hn,1650420417.cds250.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
32772
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6597 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
12ae67ad9b72fa5b9b513ebd89f58838e14f561ccd3f3fdeaa0dec336bf35915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28514
x-xss-protection
0
server
sffe
etag
"1191 / 714 of 1000 / last-modified: 1650406063"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Apr 2022 02:06:57 GMT
json
ssp.hinet.net/api/web/request/ 		540 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017003&s=201702000008&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&ad=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&t=1650420408428&oi=l8joH&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017003%26s%3D201702000008%26u%3D7536927f-270b-7ca0-ddf6-9ac9caf6ad67%26ad%3D7536927f-270b-7ca0-ddf6-9ac9caf6ad67%26t%3D1650420408428%26oi%3Dl8joH%26site%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F23869533
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
27cc927df9c0803c26aa0a0abe711d52988af391a2e839f4c8c022d0a069f9eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Wed, 20 Apr 2022 02:06:57 GMT
access-control-allow-credentials
true
server
nginx
content-length
540
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
request
ssp.hinet.net/api/web/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request?c=2017003&s=201702000008&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&ad=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&t=1650420408428&oi=O9OT1&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&o=KnUkW
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
a0134f605dec5c2c2e0c79ccd3717df1781c0c400c03e101bcadc9179083b151

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:57 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
jquery-1.9.1.min.js
code.jquery.com/ Frame 7E10 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.9.1.min.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
https://times.hinet.net/
Origin
https://times.hinet.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:58 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-169d5"
vary
Accept-Encoding
x-hw
1650420418.dop135.fr8.t,1650420418.cds281.fr8.hn,1650420418.cds250.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
32772
zone.js
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame 7E10
Redirect Chain
  • https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUut9M-f
  • https://gocm.c.appier.net/apnnet?hzid=HUut9M-f&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fzone.js
  • https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=05tGHtxIAXqiVuioxWpfYg&hzid=HUut9M-f
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=05tGHtxIAXqiVuioxWpfYg&hzid=HUut9M-f
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
710e9ec54c57a14e2512948ae46683aa38b84f67aa3ed8f055f4d7cc0a80c1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:01 GMT
via
1.1 google
server
nginx/1.19.0
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8

Redirect headers

location
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=05tGHtxIAXqiVuioxWpfYg&hzid=HUut9M-f
date
Wed, 20 Apr 2022 02:07:01 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
120
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
json
ssp.hinet.net/api/web/request/ 		462 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017034&s=201702000024&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&ad=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&t=1650420408428&oi=bKKc0&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017034%26s%3D201702000024%26u%3D7536927f-270b-7ca0-ddf6-9ac9caf6ad67%26ad%3D7536927f-270b-7ca0-ddf6-9ac9caf6ad67%26t%3D1650420408428%26oi%3DbKKc0%26site%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F23869533
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
22b46f2b1ecd85db8144f056da40a7a45d62aa70271f16b18c62d3f4ab7aa884

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Wed, 20 Apr 2022 02:06:58 GMT
access-control-allow-credentials
true
server
nginx
content-length
462
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
request
ssp.hinet.net/api/web/ 		644 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request?c=2017034&s=201702000024&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&ad=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&t=1650420408428&oi=3LOJz&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&o=f19XU
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
3f851ce396b51a773182aaeb21a7a81ec7e7cf97abd7c7dd1b6646d3efcc7048

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
json
ssp.hinet.net/api/web/request/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017003&s=201712000007&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&ad=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&t=1650420408428&oi=aS4lF&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017003%26s%3D201712000007%26u%3D7536927f-270b-7ca0-ddf6-9ac9caf6ad67%26ad%3D7536927f-270b-7ca0-ddf6-9ac9caf6ad67%26t%3D1650420408428%26oi%3DaS4lF%26site%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F23869533
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
c7839bf6f5f615f1e09231be909b7b4b3654e5ed13fd41db679d2eb25077ca48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Wed, 20 Apr 2022 02:06:58 GMT
access-control-allow-credentials
true
server
nginx
content-length
1105
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
request
ssp.hinet.net/api/web/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request?c=2017003&s=201712000007&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&ad=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&t=1650420408428&oi=LVzmD&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&o=rxSwk
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
5905ce031fbe2e588d0c5acb76f3713d664c85d807849f7883cb67dbca5ff251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:59 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
jquery-1.9.1.min.js
code.jquery.com/ Frame BD28 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.9.1.min.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
https://times.hinet.net/
Origin
https://times.hinet.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:59 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-169d5"
vary
Accept-Encoding
x-hw
1650420419.dop135.fr8.t,1650420419.cds281.fr8.hn,1650420419.cds250.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
32772
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame BD28 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
a1f770e5189bda45f48850960cf778982b4dbc71e8a572724d961c7a786823b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:06:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28514
x-xss-protection
0
server
sffe
etag
"1191 / 659 of 1000 / last-modified: 1650405960"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Apr 2022 02:06:59 GMT
json
ssp.hinet.net/api/web/request/ 		543 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017003&s=201712000006&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&ad=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&t=1650420408428&oi=00e5D&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017003%26s%3D201712000006%26u%3D7536927f-270b-7ca0-ddf6-9ac9caf6ad67%26ad%3D7536927f-270b-7ca0-ddf6-9ac9caf6ad67%26t%3D1650420408428%26oi%3D00e5D%26site%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F23869533
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
932e3fce14b1767c64ecf23621f5d403e929f043084bd0c1812aff0c8576c602

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Wed, 20 Apr 2022 02:06:59 GMT
access-control-allow-credentials
true
server
nginx
content-length
543
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
request
ssp.hinet.net/api/web/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request?c=2017003&s=201712000006&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&ad=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&t=1650420408428&oi=69JkU&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&o=8RQn1
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
ba4be377f90a695108be5897d8a883a2c7bb6f88dd5b5e1f2630475bd44d6d29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:00 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
jquery-1.9.1.min.js
code.jquery.com/ Frame 1B1F 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.9.1.min.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
https://times.hinet.net/
Origin
https://times.hinet.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:00 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-169d5"
vary
Accept-Encoding
x-hw
1650420420.dop135.fr8.t,1650420420.cds281.fr8.hn,1650420420.cds250.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
32772
zone.js
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame 1B1F
Redirect Chain
  • https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=mhA69ro1
  • https://gocm.c.appier.net/apnnet?hzid=mhA69ro1&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fzone.js
  • https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=LaWLuHDKDi6AkkT0xWpfYg&hzid=mhA69ro1
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=LaWLuHDKDi6AkkT0xWpfYg&hzid=mhA69ro1
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
6e37e80c70319cef5825a0c567a263894f00db222c730ce8b88b5fdd49249636

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:01 GMT
via
1.1 google
server
nginx/1.19.0
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8

Redirect headers

location
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=LaWLuHDKDi6AkkT0xWpfYg&hzid=mhA69ro1
date
Wed, 20 Apr 2022 02:07:01 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
120
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
500
times.hinet.net/
Redirect Chain
  • https://times.hinet.net/news/undefined
  • https://times.hinet.net/500
18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/500
Protocol
H2
Server
168.95.245.4 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-4.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/23869533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:01 GMT
content-encoding
br
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
x-cache
MISS, MISS
content-language
de-DE
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
text/html;charset=UTF-8
x-xss-protection
1;mode=block
x-request-id
6dec6f0c687718dda8e78fa290de6450
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 20 Apr 2022 02:07:00 GMT
server
HiNetCDN/2203
x-frame-options
SAMEORIGIN
x-cache
MISS, MISS
content-language
de-DE
location
/500
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-length
0
x-xss-protection
1;mode=block
x-request-id
7700c89525a63252faf099b23afae77b
pixel
ssp.hinet.net/api/ Frame 49E3 		106 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.hinet.net/api/pixel?bd=626a4780cd7c28c1d9b5000d29462049dd6fd0db616f157aef8117f7b3492bcf&ch=2017034
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
c2b3bd344266b0e4a44b8add0800dcbf04237255843c23d507a924b6584f9889

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:00 GMT
last-modified
Thu, 13 Feb 2020 05:50:28 GMT
server
nginx
etag
"5e44e3a4-6a"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-credentials
true
accept-ranges
bytes
content-length
106
625d3326855d9.jpg
ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/ Frame FECE
Redirect Chain
  • https://ssp.hinet.net/api/web/exposure/?token=165042041671228db4e541e5aa5d03
  • https://ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/625d3326855d9.jpg
27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/625d3326855d9.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Server
202.39.67.8 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
202-39-67-8.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
779dd7ee4fd7b28ab24bff07a73673168634516d2840021a0211b422d31e3059

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:02 GMT
last-modified
Mon, 18 Apr 2022 09:45:10 GMT
server
HiNetCDN/2203
etag
"625d3326-6b28"
x-cache
HIT
content-type
image/jpeg
accept-ranges
bytes
content-length
27432

Redirect headers

access-control-allow-origin
https://times.hinet.net
date
Wed, 20 Apr 2022 02:07:00 GMT
access-control-allow-credentials
true
server
nginx
location
//ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/625d3326855d9.jpg
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
third
ssp.hinet.net/api/web/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.hinet.net/api/web/third?c=2017003&s=201702000041&th=29&wc=3133
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:00 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
third
ssp.hinet.net/api/web/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.hinet.net/api/web/third?c=2017003&s=201702000008&th=77&wc=1049
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:00 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
625d3300360e1.jpg
ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/ Frame 4F1F
Redirect Chain
  • https://ssp.hinet.net/api/web/exposure/?token=16504204186521008cf83e3359215d
  • https://ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/625d3300360e1.jpg
31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/625d3300360e1.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Server
202.39.67.8 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
202-39-67-8.hinet-ip.hinet.net
Software
HiNetCDN/2203 /
Resource Hash
b1eb05809c17cda7941dd5a92e575e6b36a7b0054f4d45a4f726dfc94c4dd885

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:02 GMT
last-modified
Mon, 18 Apr 2022 09:44:32 GMT
server
HiNetCDN/2203
etag
"625d3300-7c7f"
x-cache
EXPIRED, HIT
content-type
image/jpeg
accept-ranges
bytes
content-length
31871

Redirect headers

access-control-allow-origin
https://times.hinet.net
date
Wed, 20 Apr 2022 02:07:00 GMT
access-control-allow-credentials
true
server
nginx
location
//ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/625d3300360e1.jpg
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
third
ssp.hinet.net/api/web/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.hinet.net/api/web/third?c=2017003&s=201712000007&th=29&wc=3131
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:00 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
third
ssp.hinet.net/api/web/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.hinet.net/api/web/third?c=2017003&s=201712000006&th=77&wc=1394
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:00 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37fd22c1a997bb1c9d67d706fda22f1ea91b6a9dcd3bfc415fa55937fd359aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10506
x-xss-protection
0
l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
pagead2.googlesyndication.com/bg/ Frame DC86 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740840196959600&output=html&h=400&slotname=4874654900&adk=3033242791&adf=2751418291&pi=t.ma~as.4874654900&w=580&psa=0&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420412742&bpp=2&bdt=185&idt=519&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=1&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420413&ga_hid=856103074&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1116&biw=1600&bih=1200&isw=580&ish=400&ifk=3581017202&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064019&oid=2&pvsid=55169206926762&pem=129&tmod=1527544047&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.8m9rx1id11s0&fsb=1&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 21:22:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
17051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 21:22:49 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6435 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740840196959600&plah=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:07:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4C76 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220413&jk=3975703067766539&bg=!paalpuLNAAZvJBiFTyQ7ACkAdvg8Wo0044WQT_j9_6YAkMa7v56ldKA40qqGi-tcBfKaEl9MPGGu1QIAAAMzUgAAAANoAQcKAGBgjtVd_jDvW_qs1jX1he8050_A5PT4xLwIaEvl7ae4_mTn7G_JyUoJd51vYLBfXT9l025-YhG_3g58tZGTRaQibnyZZOoM5jSFPYK6Mq5PgbPrTu-eArhcSySYSrzsbE6ZAsX0vPhVFwC4spXvP3Aii-d5WSWMGh5zEuPgbyMHIM48x-T8I0N7uf1MsqBY_Two-AKnOXuiFa10GhozB9IZrDL48utRvu40hmtZStibvFZGvglN7FbFWBTDMtpXKPoYtf73mNSAUjageOVOFkFHu9oTdSSDP1anDdjg-tgaCvtGFRU6JqkMy53vO2qEmbuUv4qB8avroR17L1eYZsO89h9T2wc-qHQXr3SO2_G-6sNxpt842L52ZdrSFl6hyjBoXRxDnuh4StiVqCGjkk6-L2k9SvNyJWSkFnwQCPK3rMiEmr2Rh2FTwJQQuUuNsbTk0hkOLYR71NXr3t-59dHroLF2JfRVbHzuVxjim1pMo49S53K9zBEYbX9FWNGVLK_qGt6JeUkXGxsPOFjDLhSF6hzZeQ9E0Sadx9n6EH2utWa4GA55GaY-8WKzeMKXlQvgZdofzV31G16hAmUrrqPkQVcyHOkJTFz8fW_pwJws-A5sZ3u_WP3lpjo8QBo_XQiL9k0k8NHpAO9S36P5RTIK06568pBvyzRoLHUNmz9hn1vcfXienRwsrK8h527SfT3zQv4_iWEqIHc07_kgXIUE2PwBElLtsGj-pWOSesLeo5B-LQgERVq1kuXV4c2sbwvV8oq6qCzpu13_cn907mo9mEn2vMnSCaCE99Zl-soKhrK78-nHSrWGjDvq74gJO0p8Iq5V6XtkwAbYBSHmjW6fk_mqOait97VlS4izxKfZBiVwwRbnynrBwCd9j-OznYYPF1Iax4cnEOh5tde2077Pwj4J5CMaqqoodeO02p-I_hK76wK8DSNKF8VPrAi7hFfmdvTevK1SjZNNydUWJRwUaCeO6Q1AAjKk4zRq8yloWzSd5ucOyB6gNIqI2Dl881nCDArCfU8cf_RrSD2Z4iEaZ413BtJkcpLnH8U6joqPnHmtvxMJ0h7C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:07:00 GMT
1643183777.jpg
cdnstatic.svc.litv.tv/pics/embed_showcase/2022/01/ Frame 2197 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnstatic.svc.litv.tv/pics/embed_showcase/2022/01/1643183777.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-51.dus51.r.cloudfront.net
Software
Apache/2.2.21 (Unix) DAV/2 /
Resource Hash
cc1e2b9ce7d7f1405b658dc35826027924d76e808c7e48cacd2d40c4f9299636

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 03 Apr 2022 06:04:58 GMT
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
age
1454503
x-cache
Hit from cloudfront
content-length
66926
last-modified
Wed, 26 Jan 2022 07:56:19 GMT
server
Apache/2.2.21 (Unix) DAV/2
etag
"406b33-1056e-5d677897412c0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
QKE-AEamNHj1oO1c0owR5JG5TJ9v5Q8vIEKHAmMiD8iLr5iPfjV1YA==
expires
Tue, 03 May 2022 06:04:58 GMT
1645595949.jpg
cdnstatic.svc.litv.tv/pics/embed_showcase/2022/02/ Frame 2197 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnstatic.svc.litv.tv/pics/embed_showcase/2022/02/1645595949.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-51.dus51.r.cloudfront.net
Software
Apache/2.2.21 (Unix) DAV/2 /
Resource Hash
1b21f754bdef534839e86c1ff170d7137eaf4801380fce424e7e368d831bb01a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 18:50:47 GMT
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
age
1754178
x-cache
Hit from cloudfront
content-length
71824
last-modified
Wed, 23 Feb 2022 05:59:10 GMT
server
Apache/2.2.21 (Unix) DAV/2
etag
"40917a-11890-5d8a92a1161e6"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
ftkg_653mIhN8qyGT43LbBTkIGAL9eRFhWo_xJNNyXFOJ6PhVCqWYQ==
expires
Fri, 29 Apr 2022 18:50:47 GMT
1602122756.jpg
cdnstatic.svc.litv.tv/pics/embed_showcase/2020/10/ Frame 2197 		141 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnstatic.svc.litv.tv/pics/embed_showcase/2020/10/1602122756.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-51.dus51.r.cloudfront.net
Software
Apache/2.2.21 (Unix) DAV/2 /
Resource Hash
4e0524f6acc3a65c90b93b7760e6e58ae838e9dc9506c7f34f13fad5965a4e0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 09:23:28 GMT
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
age
2479393
x-cache
Hit from cloudfront
content-length
144195
last-modified
Thu, 08 Oct 2020 02:05:57 GMT
server
Apache/2.2.21 (Unix) DAV/2
etag
"2a2608-23343-5b11f45d8e8fc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
wcBPaf9xxK3oC9k2_XNYtTp8YF8TdeQ9cUWbcJLcwBrcb_DYLx4_BQ==
expires
Thu, 21 Apr 2022 09:23:28 GMT
1632998096.png
cdnstatic.svc.litv.tv/pics/embed_showcase/2021/09/ Frame 2197 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnstatic.svc.litv.tv/pics/embed_showcase/2021/09/1632998096.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-51.dus51.r.cloudfront.net
Software
Apache/2.2.21 (Unix) DAV/2 /
Resource Hash
0bd6bded44fbb97cadeb6f270bea08907bb7dbb4d3b8c57c18b89fa8f5861d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 08:04:45 GMT
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
age
1188140
x-cache
Hit from cloudfront
content-length
27261
last-modified
Thu, 30 Sep 2021 10:34:57 GMT
server
Apache/2.2.21 (Unix) DAV/2
etag
"39eb15-6a7d-5cd33ff863602"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
uJGSsWPJ-PhEA0plIVRmB6UeF7iAMltmJ-pV6TeRE2DU731JQVJ-Bw==
expires
Fri, 06 May 2022 08:04:45 GMT
collect
www.google-analytics.com/g/ Frame F825 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-JRLWM3RJSP&gtm=2oe4i1&_p=1333604158&_z=ccd.NbB&cid=34940685.1650420411&ul=en-us&sr=1600x1200&sid=1650420411&sct=1&seg=0&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQ2%7CaGluZXQ%3D&dr=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQ2%7CaGluZXQ%3D&dt=&_s=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JRLWM3RJSP&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ Frame 10DB 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-JRLWM3RJSP&gtm=2oe4i1&_p=2040786201&_z=ccd.NbB&cid=34940685.1650420411&ul=en-us&sr=1600x1200&_s=2&sid=1650420411&sct=1&seg=0&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQz%7CaGluZXQ%3D&dr=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQz%7CaGluZXQ%3D&dt=&en=scroll&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JRLWM3RJSP&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vod44682-000000M001_400K0.ts
lispeedtest.akamaized.net/ppninstead/ Frame 9DEF 		252 KB
252 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lispeedtest.akamaized.net/ppninstead/vod44682-000000M001_400K0.ts
Requested by
Host: jsmodule.svc.litv.tv
URL: https://jsmodule.svc.litv.tv/videojs/video.novtt.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a02:26f0:3500:4::b818:4dc1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c8b7a9b205325f5b9814ceb75ad1a4095d980f20f445e8bdb2a7b5227932092e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:00 GMT
akamai-mon-iucid-del
835817
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
258312
last-modified
Fri, 11 Dec 2020 02:53:32 GMT
server
AkamaiNetStorage
etag
"b43fb0fc442d6a7217831a7709b69cab:1607655212.47467"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control
max-age=27988351
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
quic-version
Q050
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 366F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
16004
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 21:40:16 GMT
expires
Wed, 19 Apr 2023 21:40:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4C2F 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
069789daadf832719e6626347c4e5cb9932da94ca68b222752abea8138615abb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FWvdb5wZs3J9NDxMEZII9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-FWvdb5wZs3J9NDxMEZII9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:00 GMT
expires
Wed, 20 Apr 2022 02:07:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5C87 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
16004
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 21:40:16 GMT
expires
Wed, 19 Apr 2023 21:40:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7218 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e18248ae265521bfcd2e4b6426b9c9142a5795a6de11b637a03ba0d5d7aa922c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5P3JCrntDdfWaR/0uy3zJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-5P3JCrntDdfWaR/0uy3zJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:00 GMT
expires
Wed, 20 Apr 2022 02:07:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dt
dt.adsafeprotected.com/ Frame 559D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=ff7f3f86-8b20-298b-9621-314a39f83ee1&tv=%7Bc:ahRgiL,pingTime:-10,time:6563,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDAuMC40ODk2Ljc1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1650420420082%7C%7Cd09d529127215ee4643854e3cf93ae36%7C%7Ceb4f03ab9dc867f6a5bdb2294b85db99%7C%7Ce14a08621340ea526c4eb48c595302a9%7C%7C4afd85cd373f60d8a35ac847e291b975%7C%7C98105ef7a1e5f0527f0a2b2e8a0816e1%7C%7C045501a66c0f7f37e8bcd46854f90206%7C%7Ca1bff0028337eec3c40981e9485ea24e%7C%7C1629390669,im:%7Bpci:%7Btdr:496%7D,imprf:%7Bttecl:1709,ecd:118,tsecr:485%7D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.43.225 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-43-225.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:00 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pubads_impl_2022041301.js
securepubads.g.doubleclick.net/gpt/ Frame 6597 		362 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 17:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30401
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125956
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 08:34:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 19 Apr 2023 17:40:19 GMT
pubads_impl_2022041301.js
securepubads.g.doubleclick.net/gpt/ Frame BD28 		362 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 21:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125956
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 08:34:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 19 Apr 2023 21:22:43 GMT
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Apr 2022 02:07:01 GMT
Via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
X-Amz-Cf-Id
mGk0M-8nayfu9ie23s28oMPyXtgf1Y66dyOOH7cWQZRExPuT7b2nlw==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 9DEF 		39 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash
a94b1df49cd1f0179f5e1110f80d13b97bb84f3ae1310ff67829d68db89df390
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:07:02 GMT
Via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
39
X-Amz-Cf-Id
AGgN2nvD0azJqd_gfymQSnEKiLB2xDCKtoWcadnH9f_ENJ8ElIr6nA==
integrator.js
adservice.google.com/adsid/ Frame 9DEF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=player.svc.litv.tv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 4C2F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220413&jk=55169206926762&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ Frame 6597 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6597 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6597 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=4083487652389881&vrg=2022041301&nw_id=33575001&nslots=1&eid=31067070%2C31067132&pub_url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&sig=0&req=0&req_cnt=1&dm=8
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 6597 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4083487652389881&correlator=2667056595604769&eid=31067070%2C31067132&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&iu_parts=33575001%2Ctimes300250pand&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2857526175&sfv=1-0-38&ecs=20220420&fsapi=false&sc=1&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&cdm=times.hinet.net&abxe=1&dt=1650420420509&lmt=1650420420&dlt=1650420416524&idt=3944&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=4tjsxcnzbmmk&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&top=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&frm=23&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=0x0&fws=260&ohw=0&ea=0&ga_vid=1746851889.1650420409&ga_sid=1650420421&ga_hid=180449395&ga_fc=true&btvi=-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
920bdd8aa4937ae328a35cfd1981f8e3925b64e3fd3d21bb8eb79d9a673b6995
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8684
x-xss-protection
0
google-lineitem-id
5755251580
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138358920301
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
42fbc773b1deded427a8b895ce413d22.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9ED6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://42fbc773b1deded427a8b895ce413d22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:01 GMT
expires
Thu, 20 Apr 2023 02:07:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame BD28 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BD28 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame BD28 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3036698653969843&correlator=2642431642318098&eid=31065714%2C31067071%2C31064018&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&iu_parts=33575001%2Cportal_niusnews300x250-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2460948243&sfv=1-0-38&ecs=20220420&fsapi=false&sc=1&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&cdm=times.hinet.net&abxe=1&dt=1650420420538&lmt=1650420420&dlt=1650420418479&idt=2048&biw=1600&bih=1200&isw=300&ish=250&adxs=1000&adys=2914&ucis=26cvsqijq0fd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&top=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&fws=260&ohw=300&ea=0&ga_vid=1746851889.1650420409&ga_sid=1650420421&ga_hid=594105525&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ace0ac15d2a61d8f72177d972b781a131ba12375032dfd45c483f46be536cc81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8627
x-xss-protection
0
google-lineitem-id
5755788218
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138369610934
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
14caa0eb8c9720740e17322578407696.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F9AC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://14caa0eb8c9720740e17322578407696.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:01 GMT
expires
Thu, 20 Apr 2023 02:07:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 7218 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041801&jk=173953894828614&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
pagead2.googlesyndication.com/bg/ Frame 366F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 21:22:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
17052
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 21:22:49 GMT
l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
pagead2.googlesyndication.com/bg/ Frame 5C87 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 21:22:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
17052
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 21:22:49 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A18F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpzPLWds0x-04pzuAhvUiBqPM7EzGC4W_qkUVZQ-EkFQd6pAdW6zoGTOH5aX5EweRsxMTlmD46Zu4scMXZQFryqf_Q6oE4567DqfdJho5N-rkOpjAKEZITAUDDomDokiBnhYsoWJmZWJLD5368C68YvsqcgE2iTc5P8YYruXylFj2zBjCSHznUGR_jKeKK_dSWJ1EGWOIew93rSex9z4xiPcqtJ13OXE2VejtrkrRO6dHZkWOEWzlejf1QaOO3adgALv9235xuCjnvVy6NzQJFe8eucw-qQgqIuBk_T70jHupBnZtukllwrFFt&sig=Cg0ArKJSzDn92wsXVNsvEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A18F 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
1368ef2309695427daf1ca5a8ef461a7ebb32aea50a74c970822b66fc6795a57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28522
x-xss-protection
0
server
sffe
etag
"1191 / 809 of 1000 / last-modified: 1650406063"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Apr 2022 02:07:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A18F 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650281421154365"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:07:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A2B7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTnvL4uf990eOwH15vkHBfOEhU_rXizOGdRkawg3cNBWn1h9TOqzsnJbjd7YwbnDL3oBbGCmTfAc_D-qm4NP3J2_4jXpl_1nVXVN9kZ7MN3a7QwppxLn6yyeG32F3L5LNYwxfZEtDsyxErlcux0rUoqf9GUO8PA6s2_XjF3DSC3mFHCrZ815YgZA2XFMIWJE5hx_vxVflC0yDXWCizts90JvNCKttc5xDgKr83e378DnHtZaFP_abro0TgPh6yNgBOtgXT4kDntQLl1F1PnCgujXUhWFQg4IGAxoPryobzM_uqDQDFn9JMjZmk5M3tT6aYYIvt&sig=Cg0ArKJSzFsMwuWo72tKEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
5682.js
cnt.trvdp.com/js/1314/ Frame A2B7 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cnt.trvdp.com/js/1314/5682.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:f800:1e:6a6f:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
901c00bc8a155d7295088b2445c717289552bb5566d3554967ea5f0a255fbcc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 07:17:01 GMT
content-encoding
br
last-modified
Thu, 16 Dec 2021 07:15:31 GMT
server
AmazonS3
age
10781401
etag
W/"869f3ff93a0d026b62b1b5873f8ad85a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
p5o-Px6q9LGU_qTaExaRJQXPqlc4W52mus3B4cjy13mWbUA1Z3jMTw==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame A2B7 		155 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4457659720163747
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cde3963ee7db052e553a745e186c7e9dc6c74bffa16c27238818eafd696874e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Origin
https://times.hinet.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54309
x-xss-protection
0
server
cafe
etag
5665714131742910200
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Apr 2022 02:07:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A2B7 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650281421154365"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:07:01 GMT
adServe.do
web.ssp.yahoo.com/admax/ Frame F5BD 		240 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969d0b017c7c07d54408192a8d0017&pos=8a969d0b017c7c07d544082575b8003e&secure=1&req(url)=hinet.net&ht=[PLAYERHEIGHT]&wd=[PLAYERWIDTH]
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_zh_tw.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
a989bd6456355cd905d347528af9b1ce657b9b28fe85a9bc8cd9ae1d7d41961e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:01 GMT
server
ATS/9.1.0.33
age
0
access-control-allow-methods
GET,POST
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://imasdk.googleapis.com
access-control-expose-headers
X-Nexage-AdTid
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
240
expires
Thu, 01 Jan 1970 00:00:00 GMT
pubads_impl_2022041401.js
securepubads.g.doubleclick.net/gpt/ Frame A18F 		362 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
108a5ee6306c726271c490dceca48e5fb5a148ea41fcb9fe55cd5d348f16eb57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 18:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125916
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 08:34:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 19 Apr 2023 18:53:27 GMT
truncated
/ Frame A2B7 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
110827f95088f524f0e8e0dd0b1296bff78aad4380a33bc4880681a60f616d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/ Frame A2B7 		303 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4457659720163747
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93984adff71c5720735c377ebbb184f0ad5e6f9b355b41680034679a1957291d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110910
x-xss-protection
0
server
cafe
etag
3845817491184810140
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 20 Apr 2022 02:07:01 GMT
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Apr 2022 02:07:02 GMT
Via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
X-Amz-Cf-Id
r0PCKRSj_htMpoUoZQ15b1rHRLctxdfQ6uze_ISwSXpcs1-uPeoFvw==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Apr 2022 02:07:02 GMT
Via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Gu_qDy3a3a7vHxKo_lkgeJJYR-xf8S5KNLKSzADo_4O7vrvb2XFHPg==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 9DEF 		39 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash
0f35e9afae4d24612fcedd815c247d633510a123c6f9f409222a89c75ffd2419
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:07:03 GMT
Via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
39
X-Amz-Cf-Id
N4OufVKmFmjf1m-f2NoQ2qi_Pm3MSDDt-sNkg3KKqy0HAYAt9sKa-A==
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 9DEF 		39 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash
3f254f124ac5df59bea509037c6cc85e1d997b394cfed336c656add47aa9ba8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:07:02 GMT
Via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
39
X-Amz-Cf-Id
yyBILoV_R5sbz5luLxNC--ipr7mpH62A1cNih2cY-I6aQtjPzFjTQA==
integrator.js
adservice.google.com/adsid/ Frame 9DEF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=player.svc.litv.tv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zone.bid
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame 7E10 		241 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.bid?acid=LaWLuHDKDi6AkkT0xWpfYg&hzid=HUut9M-f
Requested by
Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUut9M-f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
36e29c3f1bde596e1659a920761392797413c87a4371aed685da7963d3dc6f0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:02 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
241
zone.bid
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame 1B1F 		241 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.bid?acid=LaWLuHDKDi6AkkT0xWpfYg&hzid=mhA69ro1
Requested by
Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=mhA69ro1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
17846201118cd97027dc85d5c99293d2103fe0a9d0720d40aa85cab7d38b19a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:02 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
241
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5119 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzWSIvWpfYsW5G5GV3wPDh7y4BQAAAAA4AeAEAg&bg=!mZqlmt7NAAZvJBiFTyQ7ACkAdvg8WtzxC9AGbntOU77bssxZjNb2OaRyEMB3ynBr8E2xomh020dj0AIAAAT3UgAAAANoAQcKAI13BLAJRCbQzg3Z5tryqe4t3fU3WCV2UB4pYLXScYmDfBDZTTG6ALtwuksoSnRonml2ekuSw9HXfPkUyZZa2Jve5fSR1oiehQW2RpUVMJTQuZcD5OVnrlj2I20THISbPaw2WGqds_60FTHYbZCBY-kg8vBmQegbIw2RK_VNkfRjv3MRg-4p9k6ZD6B5_EyZAvmRtEwmNWKQJ9gBY4xykS-3V5FJm8hnNQWgFHJVjolhKTDL0JLflkB5gnPYzOosLMTh_2Vn3TRsf9Fgqcho2I13EB4TF4wV9un92zSgzC3H3yiU-9mE2i93B9S8p0iVegATzI4VsPiVlO6g6knxfVM5S3A6NTdW5p5yetval7ij76snEMTHdAfOaDVL6moG3KknXpUSdHyV8QQ1rlbG7NXY-Zus_ABJqa87xthbbXuKbn22HmviKet9EbbG5eoH43M0kNojj00nm5ErhnZoO7Uk1w4q7OZhY81ogE51Y8WNme-3ymtV6HZG4ETsi_6JpFdsYDHaOgFyMOp85-tskO_dgcqMRSBgTz7RF10t_cAjx0HZNFptXocDOcAq6JfmyQdIw0bx1S1M6QVN9XkPnDU-QJnVMmaeHrgdsAHI1V8enUeeC7md27PWztwVBMbyxrMNRyrZDgZ2L9hZKcioXDG0nGJ45GrBDnvRzonsOW3aRZTYrbX4iPYk9TfwARy7QyXR461BffDV64PBDTA8EtAYLKXzqKfgu5-DEBiNWOQa4MRoS0K3aEO0XAPfqKs9eBfjRYnSnYsHnL5WlE9-XDTt2WHACIRc5dWCBfiE_oe8SF9prp8UIgen_INsPJY3NxaA1hUonJJ6601NWiRwa490E7FJZMMGPbpUByTcBInh-XKjG0i2MaFwDp_RISMZ5SFtshBPfprtbbmIh2Ic5Ms1Sdd5n2zhOBzuwv_4cN_Hb7tcmVHGv3kmOG_b2c1WV1gs9kkUeQr2BenzCskZ9bsUA92z4oEbCd2B6hNM8EThZ5rWXxlCZpN4jHcjZKiyN3rzVI8ItwjrJyCMf9a716PukNjxahmCkl8R2Mr3DHyDmdD-byi-LRWDv_aEvD7hRwKkBnl9LDxNOFZ6hfmdich-RqGOAh6hSYr9p5C_xRuwR4E6xq9BArT_vEBuCg5mqcG26b5Y0mZftY0FmqyY9uqJkdh1yrlyYkA4-ELAi_exUfwvdaQslOjUHA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame A18F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A18F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame A18F 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1452125250450796&correlator=1888426203807500&eid=31067133%2C31067072%2C21065725&output=ldjh&gdfp_req=1&vrg=2022041401&ptt=17&impl=fifs&iu_parts=7682122%3A33575001%2CSF_hinet_times_PC_idlepages_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=3902056462&sfv=1-0-38&ecs=20220420&fsapi=false&sc=1&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&cdm=times.hinet.net&abxe=1&dt=1650420421366&lmt=1650420421&dlt=1650420420620&idt=701&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=wwbfgcibv5n2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=2&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&top=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&frm=23&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=1746851889.1650420409&ga_sid=1650420421&ga_hid=523282880&ga_fc=true&btvi=-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
adb9c0dd57fba6d0ee1c2dddf43e08cc61ad36885bf001321d3577400d088701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9502
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9339 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:02 GMT
expires
Thu, 20 Apr 2023 02:07:02 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame A2B7 		213 B
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=times.hinet.net&callback=_gfp_s_&client=ca-pub-4457659720163747&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
10fda0a60d47fb7abac09257d76eb36bcda674a3e88f20eb02e6f054b8b106e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
200
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame A2B7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A2B7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A2B7 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&tn=DIV&id=goTop&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8D2D 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&adk=1812271804&adf=2662694623&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420421151&bpp=5&bdt=508&idt=264&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420421&ga_hid=161013570&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=3799455184&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064018&oid=2&pvsid=1067251748401404&pem=129&tmod=813030052&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.8mqaf5vfdg8m&btvi=1&fsb=1&dtd=322
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 06CF 		33 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=250&slotname=3089906698&adk=1280429565&adf=3171381554&pi=t.ma~as.3089906698&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420421156&bpp=2&bdt=512&idt=382&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420421&ga_hid=161013570&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=2914&biw=1600&bih=1200&isw=300&ish=250&ifk=3799455184&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064018&oid=2&pvsid=1067251748401404&pem=129&tmod=813030052&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.cv3feg77v16r&btvi=2&fsb=1&dtd=393
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad574b7fae620f9b29d884379af4c9ac7d761159d64e4f117d1d5b29a856e846
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
13180
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fpc
pmp-beacon.apx.appier.net/v1/ Frame 7E10 		12 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pmp-beacon.apx.appier.net/v1/fpc?type=apn&event=pageview
Requested by
Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUut9M-f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Apr 2022 02:07:02 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
https://times.hinet.net
access-control-expose-headers
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
arjs.php
ad2.apx.appier.net/www/delivery/ Frame 3A9B
Redirect Chain
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=667&id=id0jmux32qfexrqfq
  • https://gocm.c.appier.net/aanet?id=id0jmux32qfexrqfq&url=ad2.apx.appier.net&zoneid=667
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=667&acid=LaWLuHDKDi6AkkT0xWpfYg&id=id0jmux32qfexrqfq
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=667&acid=LaWLuHDKDi6AkkT0xWpfYg&id=id0jmux32qfexrqfq
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
404444e201aa3355b7545ff413b0408a23e05aa53f8221976e802112ea416449

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:02 GMT
via
1.1 google
server
nginx/1.19.0
cache-control
no-store
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8

Redirect headers

location
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=667&acid=LaWLuHDKDi6AkkT0xWpfYg&id=id0jmux32qfexrqfq
date
Wed, 20 Apr 2022 02:07:02 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
139
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
gcm
gocm.c.appier.net/ Frame 3A9B 		42 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gocm.c.appier.net/gcm
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.162.58.205 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1471-205.members.linode.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:02 GMT
cache-control
no-store
server
nginx
content-type
image/gif
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
fpc
pmp-beacon.apx.appier.net/v1/ Frame 1B1F 		12 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pmp-beacon.apx.appier.net/v1/fpc?type=apn&event=pageview
Requested by
Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=mhA69ro1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Apr 2022 02:07:02 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
https://times.hinet.net
access-control-expose-headers
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
gcm
gocm.c.appier.net/ Frame BCD3 		42 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gocm.c.appier.net/gcm
Requested by
Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=mhA69ro1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.162.58.205 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1471-205.members.linode.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:02 GMT
cache-control
no-store
server
nginx
content-type
image/gif
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
arjs.php
ad2.apx.appier.net/www/delivery/ Frame BCD3
Redirect Chain
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=980&id=idgj6nm4j0ch2llzs
  • https://gocm.c.appier.net/aanet?id=idgj6nm4j0ch2llzs&url=ad2.apx.appier.net&zoneid=980
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=980&acid=LaWLuHDKDi6AkkT0xWpfYg&id=idgj6nm4j0ch2llzs
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=980&acid=LaWLuHDKDi6AkkT0xWpfYg&id=idgj6nm4j0ch2llzs
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4dfa523e27e3cc936f0d786f3aa73bd9af1fd535cba4b1cc43cabdf33cf1ee3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:02 GMT
via
1.1 google
server
nginx/1.19.0
cache-control
no-store
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8

Redirect headers

location
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=980&acid=LaWLuHDKDi6AkkT0xWpfYg&id=idgj6nm4j0ch2llzs
date
Wed, 20 Apr 2022 02:07:02 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
139
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
container.html
8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8405 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:02 GMT
expires
Thu, 20 Apr 2023 02:07:02 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aL3BZ+3vSNmS81GvhwKFwMJJNo4wlhu2
ads.adaptv.advertising.com/a/h/ Frame F5BD 		39 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/aL3BZ+3vSNmS81GvhwKFwMJJNo4wlhu2?cb=1650420421176&pet=preroll&pageUrl=https%3A%2F%2Fwww.hinet.net%2F&pi.width=0&pi.height=0&pi.viewable=1&eov=eov
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_zh_tw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.136.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-136-79.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c66174bdd188ea0a6cdc03fb938ed608c8502b8de891ae7d6193d2af0c338b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
content-encoding
gzip
server
adaptv/1.0
content-type
text/plain
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
59
expires
0
generate_204
tpc.googlesyndication.com/ Frame 366F 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?g5cdmg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
aL3BZ+3vSNmS81GvhwKFwMJJNo4wlhu2
ads.adaptv.advertising.com/a/h/ Frame F5BD 		39 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/aL3BZ+3vSNmS81GvhwKFwMJJNo4wlhu2?cb=1650420421176&pet=preroll&pageUrl=https%3A%2F%2Fwww.hinet.net%2F&pi.width=0&pi.height=0&pi.viewable=1&eov=eov
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_zh_tw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.136.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-136-79.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c66174bdd188ea0a6cdc03fb938ed608c8502b8de891ae7d6193d2af0c338b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
content-encoding
gzip
server
adaptv/1.0
content-type
text/plain
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
59
expires
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame B676 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzg5AEQxrjnARiok_PGATAB&v=APEucNUBs2p2tOLE-ovOd6NuQtUIyCj3vcVea65zz7ghAORWFYAQ-i9TPWH-1Eu4GvghpopOeckatBvjUFMOYnBo89CARw_4uOaImyQqj1tIl0k3MtV4lbOkXETdeAurhDUMBxdFDXgieICZe8a1WNhGZBBlAAJfNwLJxqzoCyOCWuPN4biyfcs
Requested by
Host: 8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
URL: https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 8405 		78 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AU5pmQs-kfdBSyqHTrepVwlj5qT5OxPHwK6_PpN38LJN0g3t7vfHwUljBMmC1-LAauK6l0oKcJT4D6ZHEdcUpZafEVHpd2hv8srUNLmFgBXScpwlEZHz6_EaYesBr49iwfNutWP03w5ALQbqlVHFjCicEYBA&dbm_d=AKAmf-Da5W1Fs6758G-SEGzXyUBoXkAXVSubgWxIoGkziPH4CS0CpLeAHp8qhUy94YEp4CQEpGaEgssfZgIA7Ky8t4gHsl4tZAjEPsmlDIpdyaqqj0bwIkqFJeL95x9V0HoV-j7tjREOvX83nsx91ZxCscANqhTdXae7Y2tKMTggjXBPTH0prFV60y0PY4LtJ5BXmv8vABVVOVb2zTRw35WQws4uBJ_Wf3CemMo93WlXfJgVxerelFpzqTjuUAfNCAd_Dx9WzD6Zge98BL9sWkI23yXpsOYWUWENsp4nQl1LbSaudlXxq29ZJjvChivcMZUmUiKzHREn5cxb6_N3jzbP3z_Vs2aDlcQnMh1-BeNyucH7yvMoLAqIx_irfcL93g88BBlD25qrW9Q9FxoSbSYY6ypZsSl7R7U1DXo3VdAm3rWIkEFzeUMKu4_b7gqyS0NkKs8F3Blycq_BK7ff4-O9q3zVPyRPqQq2MJb7dTbjYTmZjWAMRDABP3s8fXEwQz3KeP259mOtuhHQf3DZSL_4rbjjjvPaX-dSURarc-fMdyqkcOQ0_EPQXtEPZnr0UkfVGfBSuDSy1Q_YtlUocv2FrVdcRLvmsnOLiKA5m7k_9XN9V6B-BNLZ9REBEArklqPXNMgsIYCOVKE-x7rBWAWmv2VDi7hlYAaBkKY2KCJW73pdMopGsxq45NKvChT8AdMGblkjWypIseaJPLweciFHkG9zyzSXYfE8gIw99YC-u8q8o4M5Zzl-NNjnIoJ2wJT9v1R4mFa-bGQyr2aC6H850fUJPtVgQtmNDWRKEmQGd25Ms4TnPP0KfpEHXrSy8h9_l0tWkxs0rfJ1jxe6MyVfMUbFonW3FEVCJtvpRvwaFQ9Owr7ANTKGsRsqWXM7mz20Rk6vJbouSzL8v0TAKmqdDTTPtXX7JmPpPB6sPn8wC1ax5b_5gaDbKvGfjZMscH6MSNhEtHOUCQFTEilcptlKpFhV3Gaq5mMtECN2ykg5iFE4slwov5nDotrfs5sDJvIbONWjNL9m6cJKGJx80wH-ceD64aruoPJVwlze4mfcwKGG6zr-brcDUo2tfLJY2DHhEiVe2coPmazExl3-_-UHu7cM9B38si448juzpref2L_RmcUgEKf-Kll3xUgeMR0udcahH3tTMPvRMFd-qfhPiWdjg7LXv5PqPlUVk3TheRkx4Ydgy37L0zSCDfTAt5e17HQn1jlmNZUbeNcZwEpCs098j1tDey8a8XJAMkD_rjDasHazZq14NW5G4sNHdkpwIZ_IL70WoYYWUCQMu5-FpiLJ1g-9EoVAHgPj8aNHgSODcH8ulrDHJMeYcTJlaFxWyshgMnunsQrgkeX2RxiqlkyidSZhS5_1igxgQFG7Iuz0ePc_fLDJhVl3HMPpNvFt6gS9iVB2YuhERYG_9y-xPg9KrDM2UOUUnSOEUtGuNCV2L8lgHK8_PbRNzu9BSTErCircWJDhMFp3i2s75llm_9QI1Y0VyuVDZvtR1NQUQ0g3Semci9XHBr7r81M36iPzKuJVjeztEW5VuJjb6zXXV-H5ugvN9GpU1a15SmP5osu9Esh_SQ1BzU5V7ySPUZfT6Ob_n80n5z8lS1a_PCxnBYqzcrbyhsMxtH8rpd_XiNM2IFNDy7z52rKTvnSqkvhMj7IB3oOKWTxlVC_FjS9_xBY7QZ8zM_eAyWcNM7KQMDXs1c3f1fzG_j9XbXKNiuA74zUGFtwOZWbj40uFLIltliUKOuSJSAYyHLGH16xUk6WmqGuE354ZHyJnHQ46bvV-5Xo-ZYq69s-kgoQEZ4_jDKM3LxzLlRn42PTwor6OIKjhi_qHD_mAXauFJbDRPO2FZio2pr3Ifu-NVxTz8uV5sLp5b6lhvEzSig8hSyTjGvxXsfQhbIuiM8VqVUaQcvUISSmKZZxRaWQLinRd9DiB_XU4EUPo30vaCdN5AKkIb8yxj0hKxRH9CtKcUtgIFalDRXFRSngfRsVajbg0mj5dTDYeWPmiU6WZNSt8hz__AFIPJl1G8Kylp73pTkZnJhFrouLsWUb6uRBld0OJkvreGdkT8yxuvlaQWRTFouyPkVjLqqCtIuJEwK2f1XYGDfLAp2wthJEF_wl9F75FqPtS23cYdsq0M_OXw5lYej5L2QDQJI1hYHWbTUmD5_-4n6jY0Rl_-xBipiyeqLoXXgpn8u3Z5sLab93N8wDIC3ypcZYYM532oxPtrFlSJmGY_z-hVBAOYxsHEF2i3YB7VAGH0eRo96xgEOGxgfxw-CQPDjK912aj4fcXbZrP5n9HpMI3QQD2RS0pBO2TVIVjmlpIrZJlJ3AMGK5RvEGgMq0GU0BIIOpHQJrlLYjYwbBAFXEnsl0S07TBU2tUprmkoC3bpGJD0fK3E--XE6QF47PqzCXsGog64_mphNcbXtox6mrHSqNYJS1vY9MqMJx8Z5LC8cVlxc0GPfATrj0R71dGTUX_MJFUeu2Xls_JcCrdDdKF1QCEaJHID_BPIu21EItJZSV3NDgw0rwklyeuSaDm7Yh9Qb_Uex_99D5liOJM0ePkoVJS1kB94KpagHh8MCYQnXQDrSKU0ZEy8EVrqTvSAzCS_df0kDopW_AeDa-fWDqZJDeX_jTEaJynDMvfCk9lSxNG1C0QYwgO-6BRoMd__PBJJYMJA1lJZvwcP1L3xhWDcLGHCTx-4iL7hQqDh-FI3cHxm3Da4nTWQGl61M7XSevSnUaRnbOwVZ4zg6J2Ys0nUkue7eF1U9NCQEeescMNPb-pdPylaVQUPf33N-x9VL-h-QFUjyRPcRexg4bossNftMq3EA47amDFLJiC02VaWLZ9r6jwy3LVDoC3e1jiK6JO5RYnUd1NLqUBgMjrn0g3FiSdqND9JYpgPNtQaykLxgW8YIQgq7dQu03crk_H4rlMsO9lx_4Ycs-vEYdosgoItWbHiHJZVLYfX3FlzJRgVAvyhDRDYGhSuXOmcpZ29GA8KH7SppF7Nk8aOWu_S3vwTgv3Pdr_bRS818RhznJqjW8NZYefTjar_nqdmzfpt0TU477UoEqFUwzv96Zq_sWDE5tWwq3kNeuBZtkjWflqHO63yPY_o2JbL6emT1n5Kz88IlfDsbPv6zVno4t3UUUEP4TpMSITum3muNVzFPZwE69EmErW_D26rsuiG3Rq_pcee9wFNlvkoYd5HeB9PUERNnBWiyAB3KnKNK9i-L9rfksY954dGA&cid=CAASJORoFMKt6F1SlWOVGM-lGewxz6ZvHQZNCvvuW5OYI_pAvdLi3g&rfl=3%2Chttps%253A%252F%252Ftimes.hinet.net%242%2C%2Chttps%253A%252F%252Ftimes.hinet.net%252F%240
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c19b1480cb1a8b130b990db353224f4d60d903d9f50f526ebc9484e07799c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33394
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8405 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D5Z0OHEw0m20CNSKFQ-TGx3ZPXPCtiUh4KUquCDl5PCx1LgFSptw57aeanppruoiWjFUmVdjj7Cf_qdelDHHziDMtqCUbHEflXKQr8uNCT2y6SY7w
Requested by
Host: 8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
URL: https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 8405 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: 8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
URL: https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 May 2022 02:02:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8405 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
URL: https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650281421154365"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:07:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 8405 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
URL: https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 01:47:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1181
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 May 2022 01:47:21 GMT
l
www.google.com/ads/measurement/ Frame 8405 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTuMXphmVnsuoqjoVhDM25uOgb3z2jJ_2Smct7uhCw001UMvkwwlPhMZbAqDEFpqpIGGXmyK0G6dDp70Pade71wsn5WMw
Requested by
Host: 8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
URL: https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame 8B74 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cn47nxmpfYtaED7eX9u8P0cGtsArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDU3NjU5NzIwMTYzNzQ3yAEJqAMBqgTUAU_QTJaGlxzW5NWIu-_Ivy35Fm16wrnIn3CHjSS7OAlqqWUV2KIO5VOspjVivBq1xy2Cdzi_s2nWMXsFumY3XyscmMQqNhNqw_DlSyWTW3SviXnhtrcvfL9zIbvPEmrpqs1lOJ68eL1xdZmsbtu53ljg58DsiaTEwi4L46KqNIc60Y7XLCRFXBwHgS_oyj4xU5isfCZgxxvbRwAqYQzjwYWD3GSpxnPp8PkYHsD7Yi0pGVXghtBndzL_DzTXeZkhWz2mf1YcUC1RkIbvOyLTiBPrOyAOgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDQ1NzY1OTcyMDE2Mzc0NxgA&sigh=UNNCFvMKB8s&uach_m=[UACH]&cid=CAQSOwCNIrLMzTZxhKU89wKe6VRMWPPCaIgEqNp_FLDygcw85KAgRdm53m_pgeFP03Ac7oL-JN8hWsRd9rxwGAE&tpd=AGWhJmvOlZhxr9UXJ8VglyRNeTJpgslJKtBFY52hoAatZybqP5Wh7MRYJ8sbGPJeHz4pPDYrZMdeD-83Kar7NafAqUtw8dcuditTXkHTDcInXJtw_qjM8bCvF0rfEF_Ccrj4fCAWOogPIQEJY4e7WrUjfiE3FjLwrZD64kw4oBJu9quIkPsdbKA1YtzhdcxMA4UynNf58HTAJpoAmNuD9k6Zm6wbQd89WdFFGHv-a3VY2Q1DorMgS12wcxI457jydo6aXQwoQPNF6tpjybl51_WCDTCnvwD79H88HGV6SPUn927rGvA8pcWGGEFJe_B7EdQ5lYjPbfv14Jjs_OzXq6ZwTo62B88KvoYAlo6wI8p7sOsKY8UUbH4ylyNgRrzN1e885sN_AF6uVLtwpJorKxOhyg8Iao3kDwjKN9fSh4SKd2zbLvLNsqSJX1HJCQguAeZvbPfp2aUokBTrppqdYevrKdpirMI9cDHcbqq9oU4x6WcygRT3VYdpxhHBAf3mlq5NM4mW61YCRi0AbOp5GEcyk7al6wpQDVGLhMJASN2GVHyzseEuDCeKVqBliYC1UlV0qKTI67WZlGmanzswYBjJZ4fCwWn51vhg9BmZf1Uqpn37JG9ZGlkcLMlFdWVRfC5wX_cXJaANsnhFPRKZxkH73SMZTQ8QFl07_Ks9Q266GpQrb8Tjw2JRai--7vMDVN2bwYeaX6GBoWTZsc6OBV4pag-6K4sHAK16URiA3RUvjcBHdipOtKsPYbt1nUEywCbvovMSsBRhAZQTrT1dDJ9pc9dQsgk9HsyrLNpRQ9Hb6U7l8V0kCDBXYb6KKZ_ntCHO84apVn_u3Y8lUIbYpdwidrz6iEedSu7Scsqr_45gige4yt2u_hNUVZbY3P58fCUwwFIt3M4n-9gfhZsAyn1ND_XPoYeyt0x7sFhS1wZUv-6Vj_n_L1TYcimFjVf2dLoMXhLninE17DiJduU5vPTcxwJ-XiyMnIl_gI89nuIAms2gVImIVIuRanhngDhc22zeazBVjywmntqUM-aGG_fosIpb_Sj3ylOwaw5jHMMyMqjfAXAht5HNPuY3Nq8M9_tI_Q
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=250&slotname=3089906698&adk=1280429565&adf=3171381554&pi=t.ma~as.3089906698&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420421156&bpp=2&bdt=512&idt=382&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420421&ga_hid=161013570&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=2914&biw=1600&bih=1200&isw=300&ish=250&ifk=3799455184&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064018&oid=2&pvsid=1067251748401404&pem=129&tmod=813030052&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.cv3feg77v16r&btvi=2&fsb=1&dtd=393
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 20 Apr 2022 02:07:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
js
tags.mathtag.com/notify/ Frame 8B74 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTnpCallXUTFNVFF0TWpNME55MDNabVF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI4MTk4Njg4NDU3NTA4OTYzMTkvNjYyMjMyNS80NTYyMzA2LzQvYkFVb2hZTU1Yam15eG05aXdUazJOakFLUnJZcUlfVHMyTDNudFdxUHJ5VS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yODE5ODY4ODQ1NzUwODk2MzE5L2Ftcy8wLzExMy8xNy85OTkvMzIyLzIwMDE6YWM4OjIwOjovMC4wMDAvMTY1MDQyMDQyMi8xNjUwNDMzMDIyLzQvcHViLTQ0NTc2NTk3MjAxNjM3NDcv/y14-YWHVlHmXwONJ_G4_8xzRa_g&nodeid=354&group=cdg&auctionid=2819868845750896319&shardkey=2819868845750896319&sid=4562306&cid=6622325&bp=a_bfcjdd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.24&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqZPoxmpfYtaED7eX9u8P0cGtsArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDU3NjU5NzIwMTYzNzQ3yAEJqAMBqgTXAU_QTJaGlxzW5NWIu-_Ivy35Fm16wrnIn3CHjSS7OAlqqWUV2KIO5VOspjVivBq1xy2Cdzi_s2nWMXsFumY3XyscmMQqNhNqw_DlSyWTW3SviXnhtrcvfL9zIbvPEmrpqs1lOJ68eL1xdZmsbtu53ljg58DsiaTEwi4L46KqNIc60Y7XLCRFXBwHgS_oyj4xU5isfCZgxxvbRwAqYQzjwYWD3GSpxnPp8PkYHsD7Ym8rOMdMOnRg-pa3pOyX1mk8TzcadXgEsZCR0CkVmjz_kL1yhyeDP_7zgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xjtmN2HOnY0wqGqHmeYBIwnHFgA%26client%3Dca-pub-4457659720163747%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=250&slotname=3089906698&adk=1280429565&adf=3171381554&pi=t.ma~as.3089906698&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420421156&bpp=2&bdt=512&idt=382&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420421&ga_hid=161013570&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=2914&biw=1600&bih=1200&isw=300&ish=250&ifk=3799455184&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064018&oid=2&pvsid=1067251748401404&pem=129&tmod=813030052&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.cv3feg77v16r&btvi=2&fsb=1&dtd=393
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.309.0 /
Resource Hash
c6a6c07cab49251af6076fe636000a5e7601af08dbe166bf10fc8fa1fa842478

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:07:03 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1650420422
Last-Modified
Wed, 20 Apr 2022 02:07:02 GMT
Server
MMBD/3.309.0
x-mm-latency
2 (1)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
cdg-router-x28, cdg-bidder-x51
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Wed, 20 Apr 2022 02:07:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame 8B74 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=250&slotname=3089906698&adk=1280429565&adf=3171381554&pi=t.ma~as.3089906698&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420421156&bpp=2&bdt=512&idt=382&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420421&ga_hid=161013570&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=2914&biw=1600&bih=1200&isw=300&ish=250&ifk=3799455184&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064018&oid=2&pvsid=1067251748401404&pem=129&tmod=813030052&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.cv3feg77v16r&btvi=2&fsb=1&dtd=393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 15:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36765
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 May 2022 15:54:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8B74 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=250&slotname=3089906698&adk=1280429565&adf=3171381554&pi=t.ma~as.3089906698&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420421156&bpp=2&bdt=512&idt=382&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420421&ga_hid=161013570&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=2914&biw=1600&bih=1200&isw=300&ish=250&ifk=3799455184&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064018&oid=2&pvsid=1067251748401404&pem=129&tmod=813030052&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.cv3feg77v16r&btvi=2&fsb=1&dtd=393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650281421154365"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:07:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame 8B74 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=250&slotname=3089906698&adk=1280429565&adf=3171381554&pi=t.ma~as.3089906698&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420421156&bpp=2&bdt=512&idt=382&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420421&ga_hid=161013570&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=2914&biw=1600&bih=1200&isw=300&ish=250&ifk=3799455184&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064018&oid=2&pvsid=1067251748401404&pem=129&tmod=813030052&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.cv3feg77v16r&btvi=2&fsb=1&dtd=393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6421
x-xss-protection
0
server
cafe
etag
15269590465493672714
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 May 2022 02:04:58 GMT
l
www.google.com/ads/measurement/ Frame 8B74 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSup0-jx6kFL0PxrAaan7vydfsYrZumVxJrTah6nC9FZsSSjVvq5hTaOoIPMTLoL9M1LxSdzpHgSA1KDGysM80UHDPbOg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=250&slotname=3089906698&adk=1280429565&adf=3171381554&pi=t.ma~as.3089906698&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420421156&bpp=2&bdt=512&idt=382&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420421&ga_hid=161013570&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=2914&biw=1600&bih=1200&isw=300&ish=250&ifk=3799455184&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064018&oid=2&pvsid=1067251748401404&pem=129&tmod=813030052&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.cv3feg77v16r&btvi=2&fsb=1&dtd=393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
sd
us-u.openx.net/w/1.0/ Frame B676
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED7rD_xtOlwiqMOgFpYZRT4&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED7rD_xtOlwiqMOgFpYZRT4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzg5AEQxrjnARiok_PGATAB&v=APEucNUBs2p2tOLE-ovOd6NuQtUIyCj3vcVea65zz7ghAORWFYAQ-i9TPWH-1Eu4GvghpopOeckatBvjUFMOYnBo89CARw_4uOaImyQqj1tIl0k3MtV4lbOkXETdeAurhDUMBxdFDXgieICZe8a1WNhGZBBlAAJfNwLJxqzoCyOCWuPN4biyfcs
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:02 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED7rD_xtOlwiqMOgFpYZRT4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame B676 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzg5AEQxrjnARiok_PGATAB&v=APEucNUBs2p2tOLE-ovOd6NuQtUIyCj3vcVea65zz7ghAORWFYAQ-i9TPWH-1Eu4GvghpopOeckatBvjUFMOYnBo89CARw_4uOaImyQqj1tIl0k3MtV4lbOkXETdeAurhDUMBxdFDXgieICZe8a1WNhGZBBlAAJfNwLJxqzoCyOCWuPN4biyfcs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:02 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame B676
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEOM-FPUkMRaeV593AzAy2tM&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEOM-FPUkMRaeV593AzAy2tM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzg5AEQxrjnARiok_PGATAB&v=APEucNUBs2p2tOLE-ovOd6NuQtUIyCj3vcVea65zz7ghAORWFYAQ-i9TPWH-1Eu4GvghpopOeckatBvjUFMOYnBo89CARw_4uOaImyQqj1tIl0k3MtV4lbOkXETdeAurhDUMBxdFDXgieICZe8a1WNhGZBBlAAJfNwLJxqzoCyOCWuPN4biyfcs
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:02 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 20 Apr 2022 02:07:02 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEOM-FPUkMRaeV593AzAy2tM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame B676 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzg5AEQxrjnARiok_PGATAB&v=APEucNUBs2p2tOLE-ovOd6NuQtUIyCj3vcVea65zz7ghAORWFYAQ-i9TPWH-1Eu4GvghpopOeckatBvjUFMOYnBo89CARw_4uOaImyQqj1tIl0k3MtV4lbOkXETdeAurhDUMBxdFDXgieICZe8a1WNhGZBBlAAJfNwLJxqzoCyOCWuPN4biyfcs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:02 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 20 Apr 2022 02:07:02 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Apr 2022 02:07:03 GMT
Via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
X-Amz-Cf-Id
jIEBUnTO92-g36Dj7CFUFZEMeY8GUcNvYq9ib_yModa9kB50bX6Khw==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 9DEF 		39 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash
8665f9fb827b94b5b4001148ed08b6a29b75cfac0c654dcfe03a94ebb30c8fc1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:07:03 GMT
Via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
39
X-Amz-Cf-Id
VKZujRmUiwgHhWnUp6q7yH02VT8UlYL5qjvmH8aWTPoI9yJstHpkyg==
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 9DEF 		39 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash
3ed3f03718eff3ffa2046ed596a64358bf78d8156bc22d20555181269a1632f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:07:03 GMT
Via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
39
X-Amz-Cf-Id
hGiBiTjzgOBRev1N9wKyro-_iHbVePKUvJO1xNDa4lRan-LCFzZFPQ==
integrator.js
adservice.google.com/adsid/ Frame 9DEF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=player.svc.litv.tv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 5C87 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nfJUOg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Apr 2022 02:07:03 GMT
Via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
nOWh6iIgrTzzMfIHciSqDcCiJixs5rHge3Xx6Bq3N4hGwqRQDnRW6w==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 8405 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/
Origin
https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 13:57:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43799
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Apr 2022 13:57:03 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame 8405 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AU5pmQs-kfdBSyqHTrepVwlj5qT5OxPHwK6_PpN38LJN0g3t7vfHwUljBMmC1-LAauK6l0oKcJT4D6ZHEdcUpZafEVHpd2hv8srUNLmFgBXScpwlEZHz6_EaYesBr49iwfNutWP03w5ALQbqlVHFjCicEYBA&dbm_d=AKAmf-Da5W1Fs6758G-SEGzXyUBoXkAXVSubgWxIoGkziPH4CS0CpLeAHp8qhUy94YEp4CQEpGaEgssfZgIA7Ky8t4gHsl4tZAjEPsmlDIpdyaqqj0bwIkqFJeL95x9V0HoV-j7tjREOvX83nsx91ZxCscANqhTdXae7Y2tKMTggjXBPTH0prFV60y0PY4LtJ5BXmv8vABVVOVb2zTRw35WQws4uBJ_Wf3CemMo93WlXfJgVxerelFpzqTjuUAfNCAd_Dx9WzD6Zge98BL9sWkI23yXpsOYWUWENsp4nQl1LbSaudlXxq29ZJjvChivcMZUmUiKzHREn5cxb6_N3jzbP3z_Vs2aDlcQnMh1-BeNyucH7yvMoLAqIx_irfcL93g88BBlD25qrW9Q9FxoSbSYY6ypZsSl7R7U1DXo3VdAm3rWIkEFzeUMKu4_b7gqyS0NkKs8F3Blycq_BK7ff4-O9q3zVPyRPqQq2MJb7dTbjYTmZjWAMRDABP3s8fXEwQz3KeP259mOtuhHQf3DZSL_4rbjjjvPaX-dSURarc-fMdyqkcOQ0_EPQXtEPZnr0UkfVGfBSuDSy1Q_YtlUocv2FrVdcRLvmsnOLiKA5m7k_9XN9V6B-BNLZ9REBEArklqPXNMgsIYCOVKE-x7rBWAWmv2VDi7hlYAaBkKY2KCJW73pdMopGsxq45NKvChT8AdMGblkjWypIseaJPLweciFHkG9zyzSXYfE8gIw99YC-u8q8o4M5Zzl-NNjnIoJ2wJT9v1R4mFa-bGQyr2aC6H850fUJPtVgQtmNDWRKEmQGd25Ms4TnPP0KfpEHXrSy8h9_l0tWkxs0rfJ1jxe6MyVfMUbFonW3FEVCJtvpRvwaFQ9Owr7ANTKGsRsqWXM7mz20Rk6vJbouSzL8v0TAKmqdDTTPtXX7JmPpPB6sPn8wC1ax5b_5gaDbKvGfjZMscH6MSNhEtHOUCQFTEilcptlKpFhV3Gaq5mMtECN2ykg5iFE4slwov5nDotrfs5sDJvIbONWjNL9m6cJKGJx80wH-ceD64aruoPJVwlze4mfcwKGG6zr-brcDUo2tfLJY2DHhEiVe2coPmazExl3-_-UHu7cM9B38si448juzpref2L_RmcUgEKf-Kll3xUgeMR0udcahH3tTMPvRMFd-qfhPiWdjg7LXv5PqPlUVk3TheRkx4Ydgy37L0zSCDfTAt5e17HQn1jlmNZUbeNcZwEpCs098j1tDey8a8XJAMkD_rjDasHazZq14NW5G4sNHdkpwIZ_IL70WoYYWUCQMu5-FpiLJ1g-9EoVAHgPj8aNHgSODcH8ulrDHJMeYcTJlaFxWyshgMnunsQrgkeX2RxiqlkyidSZhS5_1igxgQFG7Iuz0ePc_fLDJhVl3HMPpNvFt6gS9iVB2YuhERYG_9y-xPg9KrDM2UOUUnSOEUtGuNCV2L8lgHK8_PbRNzu9BSTErCircWJDhMFp3i2s75llm_9QI1Y0VyuVDZvtR1NQUQ0g3Semci9XHBr7r81M36iPzKuJVjeztEW5VuJjb6zXXV-H5ugvN9GpU1a15SmP5osu9Esh_SQ1BzU5V7ySPUZfT6Ob_n80n5z8lS1a_PCxnBYqzcrbyhsMxtH8rpd_XiNM2IFNDy7z52rKTvnSqkvhMj7IB3oOKWTxlVC_FjS9_xBY7QZ8zM_eAyWcNM7KQMDXs1c3f1fzG_j9XbXKNiuA74zUGFtwOZWbj40uFLIltliUKOuSJSAYyHLGH16xUk6WmqGuE354ZHyJnHQ46bvV-5Xo-ZYq69s-kgoQEZ4_jDKM3LxzLlRn42PTwor6OIKjhi_qHD_mAXauFJbDRPO2FZio2pr3Ifu-NVxTz8uV5sLp5b6lhvEzSig8hSyTjGvxXsfQhbIuiM8VqVUaQcvUISSmKZZxRaWQLinRd9DiB_XU4EUPo30vaCdN5AKkIb8yxj0hKxRH9CtKcUtgIFalDRXFRSngfRsVajbg0mj5dTDYeWPmiU6WZNSt8hz__AFIPJl1G8Kylp73pTkZnJhFrouLsWUb6uRBld0OJkvreGdkT8yxuvlaQWRTFouyPkVjLqqCtIuJEwK2f1XYGDfLAp2wthJEF_wl9F75FqPtS23cYdsq0M_OXw5lYej5L2QDQJI1hYHWbTUmD5_-4n6jY0Rl_-xBipiyeqLoXXgpn8u3Z5sLab93N8wDIC3ypcZYYM532oxPtrFlSJmGY_z-hVBAOYxsHEF2i3YB7VAGH0eRo96xgEOGxgfxw-CQPDjK912aj4fcXbZrP5n9HpMI3QQD2RS0pBO2TVIVjmlpIrZJlJ3AMGK5RvEGgMq0GU0BIIOpHQJrlLYjYwbBAFXEnsl0S07TBU2tUprmkoC3bpGJD0fK3E--XE6QF47PqzCXsGog64_mphNcbXtox6mrHSqNYJS1vY9MqMJx8Z5LC8cVlxc0GPfATrj0R71dGTUX_MJFUeu2Xls_JcCrdDdKF1QCEaJHID_BPIu21EItJZSV3NDgw0rwklyeuSaDm7Yh9Qb_Uex_99D5liOJM0ePkoVJS1kB94KpagHh8MCYQnXQDrSKU0ZEy8EVrqTvSAzCS_df0kDopW_AeDa-fWDqZJDeX_jTEaJynDMvfCk9lSxNG1C0QYwgO-6BRoMd__PBJJYMJA1lJZvwcP1L3xhWDcLGHCTx-4iL7hQqDh-FI3cHxm3Da4nTWQGl61M7XSevSnUaRnbOwVZ4zg6J2Ys0nUkue7eF1U9NCQEeescMNPb-pdPylaVQUPf33N-x9VL-h-QFUjyRPcRexg4bossNftMq3EA47amDFLJiC02VaWLZ9r6jwy3LVDoC3e1jiK6JO5RYnUd1NLqUBgMjrn0g3FiSdqND9JYpgPNtQaykLxgW8YIQgq7dQu03crk_H4rlMsO9lx_4Ycs-vEYdosgoItWbHiHJZVLYfX3FlzJRgVAvyhDRDYGhSuXOmcpZ29GA8KH7SppF7Nk8aOWu_S3vwTgv3Pdr_bRS818RhznJqjW8NZYefTjar_nqdmzfpt0TU477UoEqFUwzv96Zq_sWDE5tWwq3kNeuBZtkjWflqHO63yPY_o2JbL6emT1n5Kz88IlfDsbPv6zVno4t3UUUEP4TpMSITum3muNVzFPZwE69EmErW_D26rsuiG3Rq_pcee9wFNlvkoYd5HeB9PUERNnBWiyAB3KnKNK9i-L9rfksY954dGA&cid=CAASJORoFMKt6F1SlWOVGM-lGewxz6ZvHQZNCvvuW5OYI_pAvdLi3g&rfl=3%2Chttps%253A%252F%252Ftimes.hinet.net%242%2C%2Chttps%253A%252F%252Ftimes.hinet.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 01:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1743
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 May 2022 01:37:59 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 8405 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AU5pmQs-kfdBSyqHTrepVwlj5qT5OxPHwK6_PpN38LJN0g3t7vfHwUljBMmC1-LAauK6l0oKcJT4D6ZHEdcUpZafEVHpd2hv8srUNLmFgBXScpwlEZHz6_EaYesBr49iwfNutWP03w5ALQbqlVHFjCicEYBA&dbm_d=AKAmf-Da5W1Fs6758G-SEGzXyUBoXkAXVSubgWxIoGkziPH4CS0CpLeAHp8qhUy94YEp4CQEpGaEgssfZgIA7Ky8t4gHsl4tZAjEPsmlDIpdyaqqj0bwIkqFJeL95x9V0HoV-j7tjREOvX83nsx91ZxCscANqhTdXae7Y2tKMTggjXBPTH0prFV60y0PY4LtJ5BXmv8vABVVOVb2zTRw35WQws4uBJ_Wf3CemMo93WlXfJgVxerelFpzqTjuUAfNCAd_Dx9WzD6Zge98BL9sWkI23yXpsOYWUWENsp4nQl1LbSaudlXxq29ZJjvChivcMZUmUiKzHREn5cxb6_N3jzbP3z_Vs2aDlcQnMh1-BeNyucH7yvMoLAqIx_irfcL93g88BBlD25qrW9Q9FxoSbSYY6ypZsSl7R7U1DXo3VdAm3rWIkEFzeUMKu4_b7gqyS0NkKs8F3Blycq_BK7ff4-O9q3zVPyRPqQq2MJb7dTbjYTmZjWAMRDABP3s8fXEwQz3KeP259mOtuhHQf3DZSL_4rbjjjvPaX-dSURarc-fMdyqkcOQ0_EPQXtEPZnr0UkfVGfBSuDSy1Q_YtlUocv2FrVdcRLvmsnOLiKA5m7k_9XN9V6B-BNLZ9REBEArklqPXNMgsIYCOVKE-x7rBWAWmv2VDi7hlYAaBkKY2KCJW73pdMopGsxq45NKvChT8AdMGblkjWypIseaJPLweciFHkG9zyzSXYfE8gIw99YC-u8q8o4M5Zzl-NNjnIoJ2wJT9v1R4mFa-bGQyr2aC6H850fUJPtVgQtmNDWRKEmQGd25Ms4TnPP0KfpEHXrSy8h9_l0tWkxs0rfJ1jxe6MyVfMUbFonW3FEVCJtvpRvwaFQ9Owr7ANTKGsRsqWXM7mz20Rk6vJbouSzL8v0TAKmqdDTTPtXX7JmPpPB6sPn8wC1ax5b_5gaDbKvGfjZMscH6MSNhEtHOUCQFTEilcptlKpFhV3Gaq5mMtECN2ykg5iFE4slwov5nDotrfs5sDJvIbONWjNL9m6cJKGJx80wH-ceD64aruoPJVwlze4mfcwKGG6zr-brcDUo2tfLJY2DHhEiVe2coPmazExl3-_-UHu7cM9B38si448juzpref2L_RmcUgEKf-Kll3xUgeMR0udcahH3tTMPvRMFd-qfhPiWdjg7LXv5PqPlUVk3TheRkx4Ydgy37L0zSCDfTAt5e17HQn1jlmNZUbeNcZwEpCs098j1tDey8a8XJAMkD_rjDasHazZq14NW5G4sNHdkpwIZ_IL70WoYYWUCQMu5-FpiLJ1g-9EoVAHgPj8aNHgSODcH8ulrDHJMeYcTJlaFxWyshgMnunsQrgkeX2RxiqlkyidSZhS5_1igxgQFG7Iuz0ePc_fLDJhVl3HMPpNvFt6gS9iVB2YuhERYG_9y-xPg9KrDM2UOUUnSOEUtGuNCV2L8lgHK8_PbRNzu9BSTErCircWJDhMFp3i2s75llm_9QI1Y0VyuVDZvtR1NQUQ0g3Semci9XHBr7r81M36iPzKuJVjeztEW5VuJjb6zXXV-H5ugvN9GpU1a15SmP5osu9Esh_SQ1BzU5V7ySPUZfT6Ob_n80n5z8lS1a_PCxnBYqzcrbyhsMxtH8rpd_XiNM2IFNDy7z52rKTvnSqkvhMj7IB3oOKWTxlVC_FjS9_xBY7QZ8zM_eAyWcNM7KQMDXs1c3f1fzG_j9XbXKNiuA74zUGFtwOZWbj40uFLIltliUKOuSJSAYyHLGH16xUk6WmqGuE354ZHyJnHQ46bvV-5Xo-ZYq69s-kgoQEZ4_jDKM3LxzLlRn42PTwor6OIKjhi_qHD_mAXauFJbDRPO2FZio2pr3Ifu-NVxTz8uV5sLp5b6lhvEzSig8hSyTjGvxXsfQhbIuiM8VqVUaQcvUISSmKZZxRaWQLinRd9DiB_XU4EUPo30vaCdN5AKkIb8yxj0hKxRH9CtKcUtgIFalDRXFRSngfRsVajbg0mj5dTDYeWPmiU6WZNSt8hz__AFIPJl1G8Kylp73pTkZnJhFrouLsWUb6uRBld0OJkvreGdkT8yxuvlaQWRTFouyPkVjLqqCtIuJEwK2f1XYGDfLAp2wthJEF_wl9F75FqPtS23cYdsq0M_OXw5lYej5L2QDQJI1hYHWbTUmD5_-4n6jY0Rl_-xBipiyeqLoXXgpn8u3Z5sLab93N8wDIC3ypcZYYM532oxPtrFlSJmGY_z-hVBAOYxsHEF2i3YB7VAGH0eRo96xgEOGxgfxw-CQPDjK912aj4fcXbZrP5n9HpMI3QQD2RS0pBO2TVIVjmlpIrZJlJ3AMGK5RvEGgMq0GU0BIIOpHQJrlLYjYwbBAFXEnsl0S07TBU2tUprmkoC3bpGJD0fK3E--XE6QF47PqzCXsGog64_mphNcbXtox6mrHSqNYJS1vY9MqMJx8Z5LC8cVlxc0GPfATrj0R71dGTUX_MJFUeu2Xls_JcCrdDdKF1QCEaJHID_BPIu21EItJZSV3NDgw0rwklyeuSaDm7Yh9Qb_Uex_99D5liOJM0ePkoVJS1kB94KpagHh8MCYQnXQDrSKU0ZEy8EVrqTvSAzCS_df0kDopW_AeDa-fWDqZJDeX_jTEaJynDMvfCk9lSxNG1C0QYwgO-6BRoMd__PBJJYMJA1lJZvwcP1L3xhWDcLGHCTx-4iL7hQqDh-FI3cHxm3Da4nTWQGl61M7XSevSnUaRnbOwVZ4zg6J2Ys0nUkue7eF1U9NCQEeescMNPb-pdPylaVQUPf33N-x9VL-h-QFUjyRPcRexg4bossNftMq3EA47amDFLJiC02VaWLZ9r6jwy3LVDoC3e1jiK6JO5RYnUd1NLqUBgMjrn0g3FiSdqND9JYpgPNtQaykLxgW8YIQgq7dQu03crk_H4rlMsO9lx_4Ycs-vEYdosgoItWbHiHJZVLYfX3FlzJRgVAvyhDRDYGhSuXOmcpZ29GA8KH7SppF7Nk8aOWu_S3vwTgv3Pdr_bRS818RhznJqjW8NZYefTjar_nqdmzfpt0TU477UoEqFUwzv96Zq_sWDE5tWwq3kNeuBZtkjWflqHO63yPY_o2JbL6emT1n5Kz88IlfDsbPv6zVno4t3UUUEP4TpMSITum3muNVzFPZwE69EmErW_D26rsuiG3Rq_pcee9wFNlvkoYd5HeB9PUERNnBWiyAB3KnKNK9i-L9rfksY954dGA&cid=CAASJORoFMKt6F1SlWOVGM-lGewxz6ZvHQZNCvvuW5OYI_pAvdLi3g&rfl=3%2Chttps%253A%252F%252Ftimes.hinet.net%242%2C%2Chttps%253A%252F%252Ftimes.hinet.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 00:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4462
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 May 2022 00:52:40 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame F5BD 		156 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F76486173%2FEmbed%2Fhinet_6_em&description_url=https%3A%2F%2Fwww.hinet.net%2F&tfcd=0&npa=0&sz=640x480&ciu_szs=300x250&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=104243220225444&vpa=auto&vpmute=1&sdkv=h.3.510.1&osd=2&frm=2&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2130998149&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.510.1&sid=18DBA3E8-86C4-4C84-A366-8FCD4C6FF974&nel=0&eid=44725355%2C44738438%2C44750822%2C44752711%2C44758348%2C44761692&url=https%3A%2F%2Ftimes.hinet.net&ref=https%3A%2F%2Fwww.hinet.net%2F&dlt=1650420411323&idt=1964&dt=1650420422091&scor=2176749460737906&ged=ve4_td11_tt9_pd11_la11000_er0.0.0.0_vi0.0.168.300_vp0_ts0_eb16747
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_zh_tw.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/ Frame EF90 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dedf3737abcf3c9d6b0c8a16d0cbe4022fcbe2fe1bb31806a4cdd8c78a970958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
41047
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1462
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 14:42:55 GMT
expires
Wed, 19 Apr 2023 14:42:55 GMT
last-modified
Tue, 12 Jan 2021 14:46:06 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8405 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9DwDmd0r9aoMfiSVI79CVY8DHSmtlExspapEwQod7u_rjjesg9YeK9kXeJ9wRFI50GXwNuc70H_yhcagv6-4hdCDzeAgqnLStHNftevrOa5OJTMS885HqhpdOo2KUvho5018C0jCHtBU_8knhMflDA7ZOLODAr8mbR4S0PWZG-Y3l4N7RSqdoBbDEVy8FINHph5Yb1KmH_V9LV_zZ5kUFp1KJ1sB1VTlEEwAx8FpGZzc5V0O83R0YwXP9DErfBZlSxq5IszhYWcHVFsnRZPZeRTyPQc3_gQ2QY6esIeOXH4MRjBANwhblaKI2jPDXFgQYYSy_5yUYrV9LjX85vYj8tGaAdPNaBqyuCgbb8gOdTh1xN7sZwzyqp7Ny6PTmTPQDKlNa6lbe2SdOjdzJS7TYY-wN1jUgDpFhcMKkeG69uIQoydHr1yZhkfhcupm3dDZsBnDI8U3UChGMAsfRzU4KRmEOYQUXZx5wNyNZpRmZiMm8DUcElXdEjASS91i2BPu7lzXNCk9P_Eiw2L1NAoSD2I_JfYDAOMFehRFw60jpdoyqwsbAF0k4lq0LYOOc-vJlUXcp7sN066sdvKfoTf0ML3__3Xfb05SHtV_WO6l7ak0oZlCUlaQZ6w0tQVsLBjoHZDBeiG9GEvGe-iqcOS5pPWFBO2FVj48sbL2JVgQ-TlxUNsdUbp5sbZDSQ1dbDehUNNbT0AoKQ3HWWhv-BL38HdDcvTC6gxtZje7s2oBc8KN1jaaVcoWZaamL7lkdsemiSfRrNwdUZXu-_i78ZuL38uFGa9NwcJxg0vIxbU0PKhgzWuI1Xks3bS97t66rOZrrtNXg8G7Wuw1b7ESIu7_Qz20typQxUes52qW39JJrwdSKzAL96yXxNotax7w8j4Gh5unnGs6SKnzboVGgdg3Ft-77EOh9BE27oA1Gg4AwQQKlR4kGGGWeXndTv22wKeeDpxkExd-ysaDuGPx_riLdhR0IgY6lQtP9llrp1RcFkVPM-Z90779Qqn_ZggWEi_2CxegP26TlcCO3-H6hefOHIprMQfuarvwwt6_cJzaWzfobaQyB6Zvog8WidjIAkIx3X4fiwASwGJDz7ppFECF5PQhLUc1it-nrwuuqAIxtz_wEAuD5-V6HoW85cu2UZnYeHLlpJS0Pu0o8l_JJMyKOuNzaSgkqlqWopOZcj6_wh3FEr8M5D6xQr08rl8wcrTSfq4C9eBI1t9oL27LkLPfocqWzJ2gOJDUBDwyxn382-DTMxxZtcGnJlwBuSg8zYACJWqDjVQq2n2KzyoTp3LCJuBVD8z6ZhwxI8dpSCOjb0FFx&sai=AMfl-YSu4R-7YKo4YJ4K9Ol2Rh-ckS9UgDbZW5ObFMn9y66vpRJZi7pFUWmc0aaUyOEUQWcs1Y9DHedAHsDOyO8jj1hfaIAqm7_UfCEGYK2xJ8Ys66uZGGUbPCnmVbpn3Klk6m3D2eunPQ4ZwIeGfLIRmQXBUzfUp082BF-PGj2XEeHh5WaCbOOJbBnoWd1qtYnBHumY5aKOuG7aKgT2Da0HpmaaYcduhBisO4de0r9aNVTENw&sig=Cg0ArKJSzNTtepGqa8aAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=92&cbvp=1&cstd=86&cisv=r20220413.39952&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Wed, 20 Apr 2022 02:07:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8405 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
URL: https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 13:57:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216599
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Apr 2023 13:57:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9A67 		1 KB
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
URL: https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72798
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 05:53:44 GMT
etag
48472445140208031
expires
Wed, 20 Apr 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8DA1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
58732
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 09:48:10 GMT
expires
Wed, 19 Apr 2023 09:48:10 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
styles.css
s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/ Frame EF90 		2 KB
780 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
090262a289d76baf54bd96b4a956dc760369a4ad1ea6b37103184e77d76b8f49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 22:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
446776
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
751
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 14:46:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 22:00:47 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame EF90 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Apr 2022 02:07:03 GMT
main.js
s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/ Frame EF90 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8102a8864cb6defc7fa360caecc709711743dbb21ef8d90dfef55a72054d98b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 22:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
446776
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1047
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 14:46:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 22:00:47 GMT
frame1.jpg
s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/ Frame EF90 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/frame1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c98b9f53df7564ea0501fe91af312efda504a9b5f927460dc0e6d808719156c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 22:00:47 GMT
x-content-type-options
nosniff
age
446776
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60307
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 14:46:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 22:00:47 GMT
frame2.jpg
s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/ Frame EF90 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/frame2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9c005c389f0e1dd1a2f741b7e7be413adf007e4bb65809531a8806c0f5eb802
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 22:00:47 GMT
x-content-type-options
nosniff
age
446776
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57614
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 14:46:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 22:00:47 GMT
frame3.jpg
s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/ Frame EF90 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/frame3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ff76216c6a32230633a6370e7254675e136c2ea43b8b6282d4667259d49c9e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 22:00:47 GMT
x-content-type-options
nosniff
age
446776
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25112
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 14:46:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 22:00:47 GMT
noImage.png
s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/ Frame EF90 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/noImage.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f564cf133cfc26e10d80a745642081f4999ce7881c86b84814f168c88a9023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 22:00:47 GMT
x-content-type-options
nosniff
age
446776
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 14:46:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 22:00:47 GMT
btnReplay_x2.png
s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/ Frame EF90 		409 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/btnReplay_x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03fdcb70e9be4f6d1accff5b92cfa614f1a9871b2a6d62163174bb7504183b75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637001935960988047/DE-de_OBExploreVR_300x250_BAN_0_MG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 22:00:47 GMT
x-content-type-options
nosniff
age
446776
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
409
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 14:46:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 22:00:47 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 9A67 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKflK1g5lXLbknHRMCOUXa8&google_cver=1&google_push=AYg5qPIfhPXVpUmXKLpzDcmjweThYiZsyXe7YrITkEc8AK4uTpWJxflcelEI3rR1LTU6ELXI7AiFWBSKxfPJjgCTbBoxEKG6gIAR
Requested by
Host: 8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
URL: https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:03 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 9A67 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEB6Om65ipSetVfQ7KIbh0ZM&google_cver=1&google_push=AYg5qPJqZrqJwzX6mjwXtmteMflH-889akI_JXKLonix6uRD6_BXa9aOwdJItTm-0ckpRL2hdrFDq5263At3IffVy85LhlIgC8z5OA
Requested by
Host: 8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
URL: https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 9A67
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIfbqKb5hwRqiv-vOFHb5vQ&google_cver=1&google_push=AYg5qPJT5fW1OpmtQ4ihhs7j85tTC6PohKIAJgOQlTA6ngw-O9sLI9dhUo2kvr9W05KxDnCAqZ52Cfpu...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIfbqKb5hwRqiv-vOFHb5vQ&google_cver=1&google_push=AYg5qPJT5fW1OpmtQ4ihhs7j85tTC6PohKIAJgOQlTA6ngw-O9sLI9dhUo2kvr9W05KxDnCAqZ5...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjgyODQxNzkxMjc1MTkwNDY0MQ&google_push=AYg5qPJT5fW1OpmtQ4ihhs7j85tTC6PohKIAJgOQlTA6ngw-O9sLI9dhUo2kvr9W05KxDnCAqZ52Cf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjgyODQxNzkxMjc1MTkwNDY0MQ&google_push=AYg5qPJT5fW1OpmtQ4ihhs7j85tTC6PohKIAJgOQlTA6ngw-O9sLI9dhUo2kvr9W05KxDnCAqZ52CfpuhE0YRYtzJUzU3Igx-ZyLtg
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:03 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjgyODQxNzkxMjc1MTkwNDY0MQ&google_push=AYg5qPJT5fW1OpmtQ4ihhs7j85tTC6PohKIAJgOQlTA6ngw-O9sLI9dhUo2kvr9W05KxDnCAqZ52CfpuhE0YRYtzJUzU3Igx-ZyLtg
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 9A67
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIZlzxuqNcawNG4w3J7Sb5w&google_cver=1&google_push=AYg5qPLoTkRRGuL4j5kc17Pb8cWb9nFEKnW3wSSfmISrvHJJkkvnJgu213zJzYPvvPwIHx5JuZ0yT9kpleUJechuK...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIZlzxuqNcawNG4w3J7Sb5w&google_cver=1&google_push=AYg5qPLoTkRRGuL4j5kc17Pb8cWb9nFEKnW3wSSfmISrvHJJkkvnJgu213zJzYPvvPwIHx5JuZ0yT9kpleUJechuK...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLoTkRRGuL4j5kc17Pb8cWb9nFEKnW3wSSfmISrvHJJkkvnJgu213zJzYPvvPwIHx5JuZ0yT9kpleUJechuKlG72Yk31qDxkQ&google_hm=2c44c53221f7630db931...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLoTkRRGuL4j5kc17Pb8cWb9nFEKnW3wSSfmISrvHJJkkvnJgu213zJzYPvvPwIHx5JuZ0yT9kpleUJechuKlG72Yk31qDxkQ&google_hm=2c44c53221f7630db931e875
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 20 Apr 2022 02:07:03 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLoTkRRGuL4j5kc17Pb8cWb9nFEKnW3wSSfmISrvHJJkkvnJgu213zJzYPvvPwIHx5JuZ0yT9kpleUJechuKlG72Yk31qDxkQ&google_hm=2c44c53221f7630db931e875
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 9A67
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPKOqz2af1L8aaVwQZfC1AAtVMVMO2zO5Zs_YsFh1Db7N6Mdb_u90IhwU_lctpOEfgU6Z53jYFPQQo5eslR8FJc3i0X09mm_jA&redir=https%3A%2F%2Fcm.g.dou...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKOqz2af1L8aaVwQZfC1AAtVMVMO2zO5Zs_YsFh1Db7N6Mdb_u90IhwU_lctpOEfgU6Z53jYFPQQo5eslR8FJc3i0X09mm_jA&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKOqz2af1L8aaVwQZfC1AAtVMVMO2zO5Zs_YsFh1Db7N6Mdb_u90IhwU_lctpOEfgU6Z53jYFPQQo5eslR8FJc3i0X09mm_jA&google_hm=
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:03 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKOqz2af1L8aaVwQZfC1AAtVMVMO2zO5Zs_YsFh1Db7N6Mdb_u90IhwU_lctpOEfgU6Z53jYFPQQo5eslR8FJc3i0X09mm_jA&google_hm=
cache-control
no-store, no-cache, must-revalidate
expires
0
pixel
cm.g.doubleclick.net/ Frame 9A67
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMEGrQn_Cpy8GMNA79yqjxQ&google_cver=1&google_push=AYg5qPIg5teFnSwFci2OB-eoMOBaBkuDGveyVKLx1EYqBb2DortVTdC7_St_E7QiruJlI2iywF9rHbgV4ynIDvHjMRZHwXs6Cd...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIg5teFnSwFci2OB-eoMOBaBkuDGveyVKLx1EYqBb2DortVTdC7_St_E7QiruJlI2iywF9rHbgV4ynIDvHjMRZHwXs6CdPrhA&go...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0ODM3NDc4ODYyNjQyNDM3NjA1Nw%3D%3D&google_push=AYg5qPIg5teFnSwFci2OB-eoMOBaBkuDGveyVKLx1EYqBb2DortVTdC7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0ODM3NDc4ODYyNjQyNDM3NjA1Nw%3D%3D&google_push=AYg5qPIg5teFnSwFci2OB-eoMOBaBkuDGveyVKLx1EYqBb2DortVTdC7_St_E7QiruJlI2iywF9rHbgV4ynIDvHjMRZHwXs6CdPrhA
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0ODM3NDc4ODYyNjQyNDM3NjA1Nw%3D%3D&google_push=AYg5qPIg5teFnSwFci2OB-eoMOBaBkuDGveyVKLx1EYqBb2DortVTdC7_St_E7QiruJlI2iywF9rHbgV4ynIDvHjMRZHwXs6CdPrhA
date
Wed, 20 Apr 2022 02:07:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame 9A67 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEO_kbgt-1GjUdO0YPL0M3zk&google_cver=1&google_push=AYg5qPIFBsJTP2U1Bkm_wDPRowreOcxyrkmVeJhwVl7rQ6cl8q8I7E6gqnF-uuAQrQoBhSPHoK61yDVAlMnLNicZbtRoezHtVmVXmA
Requested by
Host: 8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
URL: https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.108 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:02 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 9A67 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L8gUsNkl5WHl5WfcCTq0t2VxOJuhSX-UHPSy1wb9fUd3f8YYUuUoanxTHBx_hrz-dSkYwk
Requested by
Host: 8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
URL: https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
pagead2.googlesyndication.com/bg/ Frame 8DA1 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 21:22:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
17054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 21:22:49 GMT
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Apr 2022 02:07:03 GMT
Via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
X-Amz-Cf-Id
EBsx96URCGYxqEZtAO6xG1QmQDAetnTC4T4kDVacayd64UYwrj-Oug==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 9DEF 		39 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash
29b2e791ac08da45f7a1f8d52773ad72e07990d2ef98540ab6a8f411f81c6bcb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:07:04 GMT
Via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
39
X-Amz-Cf-Id
T3faAE2UIHQlNFnQtvz-7oXB2sHlaMyHcMzkAklm_zhqLrFebZbuzQ==
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 9DEF 		39 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash
ef69719e547ba6c86825a9a7dec6c77c68fe2befe3f2e3def295ae094461ed97
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:07:03 GMT
Via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
39
X-Amz-Cf-Id
bE27Gy-W6qbl-lt66uUnb-1SYBlqVkDARgI2Dk9ZmBIT4k6DmTJK4A==
integrator.js
adservice.google.com/adsid/ Frame 9DEF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=player.svc.litv.tv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Apr 2022 02:07:03 GMT
Via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
X-Amz-Cf-Id
vsDIJ2RHVOxyiGyVQ6zWhVU9HolLIf_qxLt_Q-m4lXgIte_gF73Oig==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
view
googleads4.g.doubleclick.net/pcs/ Frame 8405 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9DwDmd0r9aoMfiSVI79CVY8DHSmtlExspapEwQod7u_rjjesg9YeK9kXeJ9wRFI50GXwNuc70H_yhcagv6-4hdCDzeAgqnLStHNftevrOa5OJTMS885HqhpdOo2KUvho5018C0jCHtBU_8knhMflDA7ZOLODAr8mbR4S0PWZG-Y3l4N7RSqdoBbDEVy8FINHph5Yb1KmH_V9LV_zZ5kUFp1KJ1sB1VTlEEwAx8FpGZzc5V0O83R0YwXP9DErfBZlSxq5IszhYWcHVFsnRZPZeRTyPQc3_gQ2QY6esIeOXH4MRjBANwhblaKI2jPDXFgQYYSy_5yUYrV9LjX85vYj8tGaAdPNaBqyuCgbb8gOdTh1xN7sZwzyqp7Ny6PTmTPQDKlNa6lbe2SdOjdzJS7TYY-wN1jUgDpFhcMKkeG69uIQoydHr1yZhkfhcupm3dDZsBnDI8U3UChGMAsfRzU4KRmEOYQUXZx5wNyNZpRmZiMm8DUcElXdEjASS91i2BPu7lzXNCk9P_Eiw2L1NAoSD2I_JfYDAOMFehRFw60jpdoyqwsbAF0k4lq0LYOOc-vJlUXcp7sN066sdvKfoTf0ML3__3Xfb05SHtV_WO6l7ak0oZlCUlaQZ6w0tQVsLBjoHZDBeiG9GEvGe-iqcOS5pPWFBO2FVj48sbL2JVgQ-TlxUNsdUbp5sbZDSQ1dbDehUNNbT0AoKQ3HWWhv-BL38HdDcvTC6gxtZje7s2oBc8KN1jaaVcoWZaamL7lkdsemiSfRrNwdUZXu-_i78ZuL38uFGa9NwcJxg0vIxbU0PKhgzWuI1Xks3bS97t66rOZrrtNXg8G7Wuw1b7ESIu7_Qz20typQxUes52qW39JJrwdSKzAL96yXxNotax7w8j4Gh5unnGs6SKnzboVGgdg3Ft-77EOh9BE27oA1Gg4AwQQKlR4kGGGWeXndTv22wKeeDpxkExd-ysaDuGPx_riLdhR0IgY6lQtP9llrp1RcFkVPM-Z90779Qqn_ZggWEi_2CxegP26TlcCO3-H6hefOHIprMQfuarvwwt6_cJzaWzfobaQyB6Zvog8WidjIAkIx3X4fiwASwGJDz7ppFECF5PQhLUc1it-nrwuuqAIxtz_wEAuD5-V6HoW85cu2UZnYeHLlpJS0Pu0o8l_JJMyKOuNzaSgkqlqWopOZcj6_wh3FEr8M5D6xQr08rl8wcrTSfq4C9eBI1t9oL27LkLPfocqWzJ2gOJDUBDwyxn382-DTMxxZtcGnJlwBuSg8zYACJWqDjVQq2n2KzyoTp3LCJuBVD8z6ZhwxI8dpSCOjb0FFx&sai=AMfl-YSu4R-7YKo4YJ4K9Ol2Rh-ckS9UgDbZW5ObFMn9y66vpRJZi7pFUWmc0aaUyOEUQWcs1Y9DHedAHsDOyO8jj1hfaIAqm7_UfCEGYK2xJ8Ys66uZGGUbPCnmVbpn3Klk6m3D2eunPQ4ZwIeGfLIRmQXBUzfUp082BF-PGj2XEeHh5WaCbOOJbBnoWd1qtYnBHumY5aKOuG7aKgT2Da0HpmaaYcduhBisO4de0r9aNVTENw&sig=Cg0ArKJSzNTtepGqa8aAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=491&vt=11&dtpt=399&dett=3&cstd=86&cisv=r20220413.39952&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame A18F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHwvFZ-Koa5k85VA_-FXGlnq1Z5PatvXg2YrtCAVfSW1Sxd_0p1VKPuGT_E1sFoUbevarG-euDu4n4TDnONU-B_0koksHrlvKiZlJqAKVAptN73kCI2Df_Go1AkSJsOIfNVd6ASHXBOvfCvUuTex5HOTN4fn3JaUZ9dLmKij5SwpytCf3Gf7Jp3lCnKZeOVw6LiBJYgAyOgGZsA7Ho6NMh5yVIJ6AXdQiZOEc2ppEmPxU_VweksiBsQ3P4tIxzBu2VSWt38V1fOTJtOd9_ZscMiPXv8WUJf2FL6RcbK4fZuCAYwhDDN2R1wYpIY10&sig=Cg0ArKJSzL5sBfR-XebOEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 20 Apr 2022 02:07:03 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A18F 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8e744a0d15814e1483b0c1cfa81d30fd70e5a1828a49487434be419da8b7fa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10713
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6597 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c00c71981addfbf9325f6a4790fa82019f435e33743a8ccd58ff790879e33cdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10663
x-xss-protection
0
ptv
secure.adnxs.com/ Frame F5BD 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?id=20240059&vwidth=0&vheight=0&referrer=hinet.net&cb=1650420422410
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_zh_tw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 02:07:03 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
95ab676c-49fe-46e0-a538-e1304bba056b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xxvlvujily3i
hal9000.redintelligence.net/zone/ Frame 8B74 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/xxvlvujily3i?subid=&rnd=2819868845750896319&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYl9qxgAEayEH_YcRzwtJww%26exch_seat%3D20035004448%26mt_aid%3D2819868845750896319%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5581625f-6ac7-4001-8b98-55d7c3284800%26mt_cid%3D5581625f-6ac7-4001-8b98-55d7c3284800%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCqZPoxmpfYtaED7eX9u8P0cGtsArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDU3NjU5NzIwMTYzNzQ3yAEJqAMBqgTXAU_QTJaGlxzW5NWIu-_Ivy35Fm16wrnIn3CHjSS7OAlqqWUV2KIO5VOspjVivBq1xy2Cdzi_s2nWMXsFumY3XyscmMQqNhNqw_DlSyWTW3SviXnhtrcvfL9zIbvPEmrpqs1lOJ68eL1xdZmsbtu53ljg58DsiaTEwi4L46KqNIc60Y7XLCRFXBwHgS_oyj4xU5isfCZgxxvbRwAqYQzjwYWD3GSpxnPp8PkYHsD7Ym8rOMdMOnRg-pa3pOyX1mk8TzcadXgEsZCR0CkVmjz_kL1yhyeDP_7zgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2xjtmN2HOnY0wqGqHmeYBIwnHFgA%2526client%253Dca-pub-4457659720163747%2526adurl%253D%26redirect%3D
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
1d2f85c7e37cdfb2620bfe00478997a899e414d2b957f471240c59cead01ebd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:07:03 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3452
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 8B74 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=2819868845750896319&node_id=354&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTnpCallXUTFNVFF0TWpNME55MDNabVF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI4MTk4Njg4NDU3NTA4OTYzMTkvNjYyMjMyNS80NTYyMzA2LzQvYkFVb2hZTU1Yam15eG05aXdUazJOakFLUnJZcUlfVHMyTDNudFdxUHJ5VS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yODE5ODY4ODQ1NzUwODk2MzE5L2Ftcy8wLzExMy8xNy85OTkvMzIyLzIwMDE6YWM4OjIwOjovMC4wMDAvMTY1MDQyMDQyMi8xNjUwNDMzMDIyLzQvcHViLTQ0NTc2NTk3MjAxNjM3NDcv/y14-YWHVlHmXwONJ_G4_8xzRa_g&nodeid=354&group=cdg&auctionid=2819868845750896319&shardkey=2819868845750896319&sid=4562306&cid=6622325&bp=a_bfcjdd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.24&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqZPoxmpfYtaED7eX9u8P0cGtsArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDU3NjU5NzIwMTYzNzQ3yAEJqAMBqgTXAU_QTJaGlxzW5NWIu-_Ivy35Fm16wrnIn3CHjSS7OAlqqWUV2KIO5VOspjVivBq1xy2Cdzi_s2nWMXsFumY3XyscmMQqNhNqw_DlSyWTW3SviXnhtrcvfL9zIbvPEmrpqs1lOJ68eL1xdZmsbtu53ljg58DsiaTEwi4L46KqNIc60Y7XLCRFXBwHgS_oyj4xU5isfCZgxxvbRwAqYQzjwYWD3GSpxnPp8PkYHsD7Ym8rOMdMOnRg-pa3pOyX1mk8TzcadXgEsZCR0CkVmjz_kL1yhyeDP_7zgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xjtmN2HOnY0wqGqHmeYBIwnHFgA%26client%3Dca-pub-4457659720163747%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.309.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:07:03 GMT
Server
MMBD/3.309.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x94, cdg-bidder-x51
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Wed, 20 Apr 2022 02:07:02 GMT
img
pixel.mathtag.com/event/ Frame 8B74 		43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=2819868845750896319&v3=651871&v4=4562306&v5=6622325&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTnpCallXUTFNVFF0TWpNME55MDNabVF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI4MTk4Njg4NDU3NTA4OTYzMTkvNjYyMjMyNS80NTYyMzA2LzQvYkFVb2hZTU1Yam15eG05aXdUazJOakFLUnJZcUlfVHMyTDNudFdxUHJ5VS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yODE5ODY4ODQ1NzUwODk2MzE5L2Ftcy8wLzExMy8xNy85OTkvMzIyLzIwMDE6YWM4OjIwOjovMC4wMDAvMTY1MDQyMDQyMi8xNjUwNDMzMDIyLzQvcHViLTQ0NTc2NTk3MjAxNjM3NDcv/y14-YWHVlHmXwONJ_G4_8xzRa_g&nodeid=354&group=cdg&auctionid=2819868845750896319&shardkey=2819868845750896319&sid=4562306&cid=6622325&bp=a_bfcjdd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.24&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqZPoxmpfYtaED7eX9u8P0cGtsArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDU3NjU5NzIwMTYzNzQ3yAEJqAMBqgTXAU_QTJaGlxzW5NWIu-_Ivy35Fm16wrnIn3CHjSS7OAlqqWUV2KIO5VOspjVivBq1xy2Cdzi_s2nWMXsFumY3XyscmMQqNhNqw_DlSyWTW3SviXnhtrcvfL9zIbvPEmrpqs1lOJ68eL1xdZmsbtu53ljg58DsiaTEwi4L46KqNIc60Y7XLCRFXBwHgS_oyj4xU5isfCZgxxvbRwAqYQzjwYWD3GSpxnPp8PkYHsD7Ym8rOMdMOnRg-pa3pOyX1mk8TzcadXgEsZCR0CkVmjz_kL1yhyeDP_7zgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xjtmN2HOnY0wqGqHmeYBIwnHFgA%26client%3Dca-pub-4457659720163747%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4281 354de82 master cdg-pixel-x28 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:07:03 GMT
Server
MT3 4281 354de82 master cdg-pixel-x28 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 20 Apr 2022 02:07:02 GMT
img
tags.mathtag.com/event/ Frame 8B74 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=2819868845750896319&st=4562306&time=1650420423&nodeid=354
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTnpCallXUTFNVFF0TWpNME55MDNabVF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI4MTk4Njg4NDU3NTA4OTYzMTkvNjYyMjMyNS80NTYyMzA2LzQvYkFVb2hZTU1Yam15eG05aXdUazJOakFLUnJZcUlfVHMyTDNudFdxUHJ5VS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yODE5ODY4ODQ1NzUwODk2MzE5L2Ftcy8wLzExMy8xNy85OTkvMzIyLzIwMDE6YWM4OjIwOjovMC4wMDAvMTY1MDQyMDQyMi8xNjUwNDMzMDIyLzQvcHViLTQ0NTc2NTk3MjAxNjM3NDcv/y14-YWHVlHmXwONJ_G4_8xzRa_g&nodeid=354&group=cdg&auctionid=2819868845750896319&shardkey=2819868845750896319&sid=4562306&cid=6622325&bp=a_bfcjdd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.24&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqZPoxmpfYtaED7eX9u8P0cGtsArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDU3NjU5NzIwMTYzNzQ3yAEJqAMBqgTXAU_QTJaGlxzW5NWIu-_Ivy35Fm16wrnIn3CHjSS7OAlqqWUV2KIO5VOspjVivBq1xy2Cdzi_s2nWMXsFumY3XyscmMQqNhNqw_DlSyWTW3SviXnhtrcvfL9zIbvPEmrpqs1lOJ68eL1xdZmsbtu53ljg58DsiaTEwi4L46KqNIc60Y7XLCRFXBwHgS_oyj4xU5isfCZgxxvbRwAqYQzjwYWD3GSpxnPp8PkYHsD7Ym8rOMdMOnRg-pa3pOyX1mk8TzcadXgEsZCR0CkVmjz_kL1yhyeDP_7zgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xjtmN2HOnY0wqGqHmeYBIwnHFgA%26client%3Dca-pub-4457659720163747%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.309.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:07:03 GMT
Server
MMBD/3.309.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x95, cdg-bidder-x51
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Wed, 20 Apr 2022 02:07:02 GMT
fpc
pmp-beacon.apx.appier.net/v1/ Frame BCD3 		12 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=980&id=idgj6nm4j0ch2llzs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Apr 2022 02:07:03 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
https://times.hinet.net
access-control-expose-headers
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
gcm
gocm.c.appier.net/ Frame F1D3 		42 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gocm.c.appier.net/gcm
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=980&id=idgj6nm4j0ch2llzs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.162.58.205 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1471-205.members.linode.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:03 GMT
cache-control
no-store
server
nginx
content-type
image/gif
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame F1D3 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
a1f770e5189bda45f48850960cf778982b4dbc71e8a572724d961c7a786823b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28514
x-xss-protection
0
server
sffe
etag
"1191 / 500 of 1000 / last-modified: 1650405960"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Apr 2022 02:07:03 GMT
fpc
pmp-beacon.apx.appier.net/v1/ Frame 3A9B 		12 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=667&id=id0jmux32qfexrqfq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Apr 2022 02:07:03 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
https://times.hinet.net
access-control-expose-headers
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
gcm
gocm.c.appier.net/ Frame 06F7 		42 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gocm.c.appier.net/gcm
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=667&id=id0jmux32qfexrqfq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.162.58.205 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1471-205.members.linode.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:03 GMT
cache-control
no-store
server
nginx
content-type
image/gif
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6597 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:07:03 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A18F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:07:03 GMT
/
ssp.hinet.net/api/web/request/ Frame 7E10 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/?c=2017003&s=201702000008&t=1650420408428&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&o=KnUkW&show=static&ca=&k=&cab=&kb=&mode=roll
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
dee254a5ae0d5063e16a75e8fe786c6daf07e603b7b485752728690637d8635f

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ssp.hinet.net
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Apr 2022 02:07:03 GMT
server
nginx
vary
Accept-Encoding
request.php
hal90006.redintelligence.net/ Frame 8B74
Redirect Chain
  • https://hal90006.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=17ea9451b9&subid=&uid=d433d7528cc70fee&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90006.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=17ea9451b9&subid=&uid=d433d7528cc70fee&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90006.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=17ea9451b9&subid=&uid=d433d7528cc70fee&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYl9qxgAEayEH_YcRzwtJww%26exch_seat%3D20035004448%26mt_aid%3D2819868845750896319%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5581625f-6ac7-4001-8b98-55d7c3284800%26mt_cid%3D5581625f-6ac7-4001-8b98-55d7c3284800%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCqZPoxmpfYtaED7eX9u8P0cGtsArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDU3NjU5NzIwMTYzNzQ3yAEJqAMBqgTXAU_QTJaGlxzW5NWIu-_Ivy35Fm16wrnIn3CHjSS7OAlqqWUV2KIO5VOspjVivBq1xy2Cdzi_s2nWMXsFumY3XyscmMQqNhNqw_DlSyWTW3SviXnhtrcvfL9zIbvPEmrpqs1lOJ68eL1xdZmsbtu53ljg58DsiaTEwi4L46KqNIc60Y7XLCRFXBwHgS_oyj4xU5isfCZgxxvbRwAqYQzjwYWD3GSpxnPp8PkYHsD7Ym8rOMdMOnRg-pa3pOyX1mk8TzcadXgEsZCR0CkVmjz_kL1yhyeDP_7zgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2xjtmN2HOnY0wqGqHmeYBIwnHFgA%2526client%253Dca-pub-4457659720163747%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4457659720163747%26output%3Dhtml%26h%3D250%26slotname%3D3089906698%26adk%3D1280429565%26adf%3D3171381554%26pi%3Dt.ma~as.3089906698%26w%3D300%26fwrn%3D3%26psa%3D1%26format%3D300x250%26url%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F23869533%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1650420421156%26bpp%3D2%26bdt%3D512%26idt%3D382%26shv%3Dr20220413%26mjsv%3Dm202204140101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253D7aeb9a1e9fafdbfd%253AT%253D1650420409%253AS%253DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7627605533712%26frm%3D23%26ife%3D4%26pv%3D1%26ga_vid%3D1746851889.1650420409%26ga_sid%3D1650420421%26ga_hid%3D161013570%26ga_fc%3D1%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1000%26ady%3D2914%26biw%3D1600%26bih%3D1200%26isw%3D300%26ish%3D250%26ifk%3D3799455184%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44760332%252C182982000%252C182982200%252C31064018%26oid%3D2%26pvsid%3D1067251748401404%26pem%3D129%26tmod%3D813030052%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D1664%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D2%26uci%3D2.cv3feg77v16r%26btvi%3D2%26fsb%3D1%26dtd%3D393&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Ftimes.hinet.net%2Chttps%3A%2F%2Ftimes.hinet.net%2Chttps%3A%2F%2Ftimes.hinet.net&random=6955325241770&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=250&slotname=3089906698&adk=1280429565&adf=3171381554&pi=t.ma~as.3089906698&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420421156&bpp=2&bdt=512&idt=382&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420421&ga_hid=161013570&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=2914&biw=1600&bih=1200&isw=300&ish=250&ifk=3799455184&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064018&oid=2&pvsid=1067251748401404&pem=129&tmod=813030052&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.cv3feg77v16r&btvi=2&fsb=1&dtd=393
Protocol
HTTP/1.1
Server
138.201.63.164 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
428a90a6fc7ece9c3e55c1f17f3043697ee78a1ebd4c2aed9379367bd20e1e08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 02:07:03 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
68008600011858500951399011935006
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
890
Expires
Wed, 20 Apr 2022 03:07:03 +0200

Redirect headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 02:07:03 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=17ea9451b9&subid=&uid=d433d7528cc70fee&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYl9qxgAEayEH_YcRzwtJww%26exch_seat%3D20035004448%26mt_aid%3D2819868845750896319%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5581625f-6ac7-4001-8b98-55d7c3284800%26mt_cid%3D5581625f-6ac7-4001-8b98-55d7c3284800%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCqZPoxmpfYtaED7eX9u8P0cGtsArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDU3NjU5NzIwMTYzNzQ3yAEJqAMBqgTXAU_QTJaGlxzW5NWIu-_Ivy35Fm16wrnIn3CHjSS7OAlqqWUV2KIO5VOspjVivBq1xy2Cdzi_s2nWMXsFumY3XyscmMQqNhNqw_DlSyWTW3SviXnhtrcvfL9zIbvPEmrpqs1lOJ68eL1xdZmsbtu53ljg58DsiaTEwi4L46KqNIc60Y7XLCRFXBwHgS_oyj4xU5isfCZgxxvbRwAqYQzjwYWD3GSpxnPp8PkYHsD7Ym8rOMdMOnRg-pa3pOyX1mk8TzcadXgEsZCR0CkVmjz_kL1yhyeDP_7zgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2xjtmN2HOnY0wqGqHmeYBIwnHFgA%2526client%253Dca-pub-4457659720163747%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4457659720163747%26output%3Dhtml%26h%3D250%26slotname%3D3089906698%26adk%3D1280429565%26adf%3D3171381554%26pi%3Dt.ma~as.3089906698%26w%3D300%26fwrn%3D3%26psa%3D1%26format%3D300x250%26url%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F23869533%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1650420421156%26bpp%3D2%26bdt%3D512%26idt%3D382%26shv%3Dr20220413%26mjsv%3Dm202204140101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253D7aeb9a1e9fafdbfd%253AT%253D1650420409%253AS%253DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7627605533712%26frm%3D23%26ife%3D4%26pv%3D1%26ga_vid%3D1746851889.1650420409%26ga_sid%3D1650420421%26ga_hid%3D161013570%26ga_fc%3D1%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1000%26ady%3D2914%26biw%3D1600%26bih%3D1200%26isw%3D300%26ish%3D250%26ifk%3D3799455184%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44760332%252C182982000%252C182982200%252C31064018%26oid%3D2%26pvsid%3D1067251748401404%26pem%3D129%26tmod%3D813030052%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D1664%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D2%26uci%3D2.cv3feg77v16r%26btvi%3D2%26fsb%3D1%26dtd%3D393&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Ftimes.hinet.net%2Chttps%3A%2F%2Ftimes.hinet.net%2Chttps%3A%2F%2Ftimes.hinet.net&random=6955325241770&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Wed, 20 Apr 2022 03:07:03 +0200
sodar
pagead2.googlesyndication.com/pagead/ Frame 6435 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220413&jk=55169206926762&bg=!XF-lXxvNAAZvJBiFTyQ7ACkAdvg8WmIXNi7RO3lygDKeGg0xR_Dl4B88hLxe9aDoWdT6GZniYVzfuQIAAAUMUgAAAAFoAQeZArgE3pQlfhTGGx9R_XVGJHqMmyuqYEFGhE0J3QmjERWPEIS-xIgGYKhlCgDXlEgNqq7KCdc4ciYvivQiM8wqHbMaISC4AI6r3mmdLCNIM3PKRGBpghFBk5eY1sn9xphQtSzQG-_M6r4jgQz1ULSSILkFofKm3rIWShZfNI_eLkwXJSuHvNMbyoY2pnBdbe3gDrCjh-oSq_FM7nq08ILqqqT2vas6FmapPCpzOAqzZ2pHo_yoaDrXyGwihbbcv1-fIJxterAKdofO_KvyZNDdmUiSwk6tTYzzguNu19RVK_j_1soksBCgzc8CwJx-cmi7KDT2lZGk92MgRnaRIa6apquzsv5qLh4aSf4nShW8uzQtdJGDyetV_vHImbPlCYspy5uizFgRHeAk_LnsqTymrIRNLmK0ZWXYJ0XFPTUyqFOiN3lYAnn1hZk9SCXGVSOb18NTEvYv42VSsYEkldCRzWsImI-v6ZWUXQVf4PlebemstvnwmN1MrrI-ENJeD4h5Bsh0ZqCf63KeZMmqgfIlXrSGpaQJNr-QN37IHtV9d48b_BEkEhq4xri3sztTsYeHKNj4moVOtdFJfL3Fl3WhO0uVrPy5GUSZbLFmKHn5O_CQSnjsVMb9eQ-hGmh097iC49AmvQIAyMRuPk2Pe9vQgLZDMC8DyAbmBiPIYKXhpP8C-vvrDC-5JOXzI6k2fbxcYJK8sR4Q6qnzLEDKh1xyHVAjaeaZ0m8SUZBVSGXx7zlsJoyHxgwHiq7Ctpc7j_Qil_s8NomvO03dig35tl_mka5-mUHEnM3WMTk5aOyUMHZiVVmVPhfshgQdogxz95bb6Uf86PHqn4GsdLG9scKBydOWc-b2hHTw7DzS8hYR2s1vDr2p9sL9d4HnUSYFpNbYZRVf5HKFCX9fw7u5E8zYguTyN4_OVoCDxJk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
pubads_impl_2022041301.js
securepubads.g.doubleclick.net/gpt/ Frame F1D3 		362 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 21:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17060
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125956
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 08:34:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 19 Apr 2023 21:22:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CF41 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
16007
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 21:40:16 GMT
expires
Wed, 19 Apr 2023 21:40:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D790 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d941692cf3bac38df6b62e2f4f11079ea102485f69d43e847c6dbcf3543d0969
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-89KmFYbxFycLNaPr77eo4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-89KmFYbxFycLNaPr77eo4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:03 GMT
expires
Wed, 20 Apr 2022 02:07:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041801&jk=173953894828614&bg=!t7SltPDNAAZvJBiFTyQ7ACkAdvg8WuRa-WWpB_1dO15fDYYWOFJDDXzOv5TsYOjUXOeXjNj2nmgScwIAAAUmUgAAAAJoAQcKAEZc2y6yPmGtfQU06NfGez1xmVi-1ptQz-JiVsoV7jIqD9wPMeStq1QsHShZZak4hVo2zDpn_f3mPP5naQ37AZZq2z8cnREDmQKbXkerIYfAS9tIzUEj3SX_EE3qblLslVoJ6M98D_AJwdyFsAFNBvk92XP1ajQ5u9z9OV3QxJxrlyv6nzGPuXlCq57V1b68hNTxesQ1_7JH2NzCB-2wBfbPNUjul1TNYoaKjyXjtU_MmKvsVDR94KtottDJN1AaGUdrqiE_zAglp4-nyP9hIZwPw3vpqPDe43RE9DpTVfdNqKXuY29bfS5Xdn-dDB4dXkinI9T3uhSJaXG6ukF4_dcMRvNxe_Um4pXol2Gef_-n8YCkkQzoVSkZgKjeGTAbsiVEE4Pj5PptJgkOeuiDULPPeBVRVDF5-950al9yFD8DTsfz934_mACRfZdH_VIx1Zzl5mNT4xVnuVDqcVVJMpR5_YSfydmNkYl3sS6vdRT7W5_ereGEftSymkOnQ9f3fiba82vf_C02J5UL5YbYJiy-jPNM9Jjn_fmTgCne3ovJwvI7xHVvraXNBI3xFginRWcMx8CXep3vv4mfgKwsAjO8pJk8LxdJmZp9034J3b6NhnX9PUFuLs0tjZCjO-L87B2tfkXki1lsBsd5pxUeqzRtmlflVsKYdc360N_vo4GKqZVBalTNDbXMYnriEfN8LMrQM9AZHbuBo3qZdHEqE3s7UAte8oc0S-Gd3RpUXFqP5WV-hiF-JcOn2-9W3PHVPZsdR3pBi-iKjG6kLxO6di7cTBUa_06DbTyYMVvdHSg1mSRPetthlz6BauNIMCTSTKXR5Qpr81wsfl4LdSUoyxdwKULQeGqr_McfKu1WC3aX6vtQYlszIsw5L5UvD5JXJE1e957p4aZQyXx16qQQCH_QXDpKFCdYrFGsX0YCfyPT-S_Mf29OjTgm2T35Z6ZqRqehPK0wl9zBjgPnxzpf6jeoR1T6lw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7951 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
16007
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 21:40:16 GMT
expires
Wed, 19 Apr 2023 21:40:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EA9A 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8ac873034214b2e16ab9f6d96bc08f70564be7cb9861352143d94b10463d9843
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-khn+otZ8jS/Crj+6BKx+Fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-khn+otZ8jS/Crj+6BKx+Fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:03 GMT
expires
Wed, 20 Apr 2022 02:07:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
1645596000.jpg
cdnstatic.svc.litv.tv/pics/embed_showcase/2022/02/ Frame 2197 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnstatic.svc.litv.tv/pics/embed_showcase/2022/02/1645596000.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-51.dus51.r.cloudfront.net
Software
Apache/2.2.21 (Unix) DAV/2 /
Resource Hash
06630dc3389c18eb7762be26084cce1216e5ffc9b264f9d7437420792ed80339

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 18:50:25 GMT
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
age
1754179
x-cache
Hit from cloudfront
content-length
75130
last-modified
Wed, 23 Feb 2022 06:00:02 GMT
server
Apache/2.2.21 (Unix) DAV/2
etag
"40917b-1257a-5d8a92d26cf1e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
w97d5ULtkIe7O7iPff683Bf82WuY1HwH7sOttvft6Zv2ZH-r33EVZg==
expires
Fri, 29 Apr 2022 18:50:25 GMT
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 9DEF 		39 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash
293f8ffd5a709807b597c92605f0ee341521b8445f94ff262172c93cddd5e84f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:07:04 GMT
Via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
39
X-Amz-Cf-Id
GWrl6LuRN-YX37BzWkvL6Nw5qhkB6okY3qLIG7ROCZOa6ItqQw7ZDA==
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 9DEF 		39 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash
7dc54c2cda854fd13e31131cc463e928a7702893b8dc77d67f58b95cfc0f7736
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:07:04 GMT
Via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
39
X-Amz-Cf-Id
h0vcjF0PanpLTrjq3sQjGASvMnVqM9452rQfbZ6wz3kwjfStjOgmRA==
integrator.js
adservice.google.com/adsid/ Frame 9DEF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=player.svc.litv.tv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Apr 2022 02:07:03 GMT
Via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
X-Amz-Cf-Id
n5KWctefDoAbLQ5kPUbFgdT0IbSQ4T9NAJCGYVtjagg8CSSyJD0TKA==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Apr 2022 02:07:03 GMT
Via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
X-Amz-Cf-Id
ef-I2mi-3aJhBHUq_sB7BiEF0As7IUGA4uSXugJIFmzNxx9EVIXupA==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
integrator.js
adservice.google.de/adsid/ Frame F1D3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F1D3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F1D3 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4120063644100244&correlator=3915887931734192&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&iu_parts=33575001%2Ctimespc300600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=933078616&sfv=1-0-38&ecs=20220420&fsapi=false&sc=1&cookie=ID%3D7aeb9a1e9fafdbfd-22d778457bcd0076%3AT%3D1650420409%3ART%3D1650420422%3AS%3DALNI_MblU_6bYr5etqsCHkoRn0E8bimshg&cdm=times.hinet.net&abxe=1&dt=1650420422844&lmt=1650420422&dlt=1650420422552&idt=276&biw=1600&bih=1200&isw=300&ish=600&adxs=1000&adys=3184&ucis=z6fkg6tmsogd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=3&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&top=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=1746851889.1650420409&ga_sid=1650420423&ga_hid=2048786281&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
d573c57b3b4352f1f55418e15314776563c4c380c0f84f9aed637eb94ab5265a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8768
x-xss-protection
0
google-lineitem-id
5753974224
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138358602477
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F1D3 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5707ba90dda30dc514b26017bf4a5f8c08c26002839b579376f703c784b0d45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10655
x-xss-protection
0
container.html
05f1498154dc10d3a52a98ef22f6b0c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C4F9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://05f1498154dc10d3a52a98ef22f6b0c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:03 GMT
expires
Thu, 20 Apr 2023 02:07:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ad_request
ads.aralego.com/ Frame F5BD 		85 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?host=hinet.net&ver=UCX_WEB-20200113&adid=ad-9A29A6793E9676BA0763E7D3DA68A6B&dnt=https%3A%2F%2Fwww.hinet.net%2F&je=1&skip=1&skipafter=30&skipmin=30
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_zh_tw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
cabdfb214a4f4a69ac417ff9e48f28610667628fc23b6573f9d1e7cc2d47617b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:04 GMT
x-width
640
x-height
360
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://imasdk.googleapis.com
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
access-control-allow-credentials
true
x-adtype
vast
connection
close
content-length
85
sodar
pagead2.googlesyndication.com/pagead/ Frame D790 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041301&jk=4083487652389881&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame EA9A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041401&jk=1452125250450796&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F1D3 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:07:03 GMT
l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
pagead2.googlesyndication.com/bg/ Frame CF41 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 21:22:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
17054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 21:22:49 GMT
l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
pagead2.googlesyndication.com/bg/ Frame 7951 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 21:22:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
17054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 21:22:49 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DD7E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2Zv6GOw6BhZOKRYAslEvnHIHOyl4N5-2f_aFv8TAYboJHEyogcHzzS-a_AJ7vpncgJY_cXDv-ltbp55A66H-kuYXtS1ZagN3IovNye7K-f64MAP8IsLAIMSYGcZa0Bkjm0CFcjwUx1ad4UuIS7p2eg-VIDrdI264KI5z6SOqISodOD6cZiniB2DkTEcawKKsx6BD-icY1hJwkj8ial5qVhD0vaGfn4S0FT9QVPuyKpHPshaY_n1z9ZLDxShMkf19fEeCL-YYPGSITaitVVCV5wuYHQhs4-mMX1zp-_y50Fj9atCgVGxDiVg&sig=Cg0ArKJSzE_pYizS-TmiEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adsbytenmax.js
tenmax-static.cacafly.net/ssp/ Frame F1D3 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc05e9f04683682906d0ad443881bd19fce83e240bbaeeb6ec814ce757204ee4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Apr 2022 02:07:03 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
U63yZkrSK7TVVVQvpY1AAQ==
age
2472
x-ms-lease-status
unlocked
last-modified
Thu, 18 Nov 2021 05:59:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
5199d319-b01e-005e-4141-dc11f4000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=1800
x-ms-version
2009-09-19
cf-ray
6fea53002f8201db-ZRH
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DD7E 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650281421154365"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:07:03 GMT
activityi;dc_pre=CPne3pjHofcCFTlIHQkdR48Lcg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9026309386152.87
5994599.fls.doubleclick.net/ Frame 6251
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9026309386152.87?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPne3pjHofcCFTlIHQkdR48Lcg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9026309386152.87?
390 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPne3pjHofcCFTlIHQkdR48Lcg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9026309386152.87?
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
6895bc403275bb64d3117322093a1cb18536236d1253c88d2748c2927a87036e
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
321
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:04 GMT
expires
Wed, 20 Apr 2022 02:07:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPne3pjHofcCFTlIHQkdR48Lcg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9026309386152.87?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal90006.redintelligence.net/ Frame F8BD 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90006.redintelligence.net/request_content.php?s=68008600011858500951399011935006&a=9524f9c0
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=17ea9451b9&subid=&uid=d433d7528cc70fee&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYl9qxgAEayEH_YcRzwtJww%26exch_seat%3D20035004448%26mt_aid%3D2819868845750896319%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5581625f-6ac7-4001-8b98-55d7c3284800%26mt_cid%3D5581625f-6ac7-4001-8b98-55d7c3284800%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCqZPoxmpfYtaED7eX9u8P0cGtsArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDU3NjU5NzIwMTYzNzQ3yAEJqAMBqgTXAU_QTJaGlxzW5NWIu-_Ivy35Fm16wrnIn3CHjSS7OAlqqWUV2KIO5VOspjVivBq1xy2Cdzi_s2nWMXsFumY3XyscmMQqNhNqw_DlSyWTW3SviXnhtrcvfL9zIbvPEmrpqs1lOJ68eL1xdZmsbtu53ljg58DsiaTEwi4L46KqNIc60Y7XLCRFXBwHgS_oyj4xU5isfCZgxxvbRwAqYQzjwYWD3GSpxnPp8PkYHsD7Ym8rOMdMOnRg-pa3pOyX1mk8TzcadXgEsZCR0CkVmjz_kL1yhyeDP_7zgAa_zMTOmvnjl4ABoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2xjtmN2HOnY0wqGqHmeYBIwnHFgA%2526client%253Dca-pub-4457659720163747%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4457659720163747%26output%3Dhtml%26h%3D250%26slotname%3D3089906698%26adk%3D1280429565%26adf%3D3171381554%26pi%3Dt.ma~as.3089906698%26w%3D300%26fwrn%3D3%26psa%3D1%26format%3D300x250%26url%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F23869533%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1650420421156%26bpp%3D2%26bdt%3D512%26idt%3D382%26shv%3Dr20220413%26mjsv%3Dm202204140101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253D7aeb9a1e9fafdbfd%253AT%253D1650420409%253AS%253DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7627605533712%26frm%3D23%26ife%3D4%26pv%3D1%26ga_vid%3D1746851889.1650420409%26ga_sid%3D1650420421%26ga_hid%3D161013570%26ga_fc%3D1%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1000%26ady%3D2914%26biw%3D1600%26bih%3D1200%26isw%3D300%26ish%3D250%26ifk%3D3799455184%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44760332%252C182982000%252C182982200%252C31064018%26oid%3D2%26pvsid%3D1067251748401404%26pem%3D129%26tmod%3D813030052%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D1664%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D2%26uci%3D2.cv3feg77v16r%26btvi%3D2%26fsb%3D1%26dtd%3D393&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Ftimes.hinet.net%2Chttps%3A%2F%2Ftimes.hinet.net%2Chttps%3A%2F%2Ftimes.hinet.net&random=6955325241770&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f4d05911ffd044c8710c6755b4c534b10a12be020c516754e8391edebc0b6af9

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1408
Content-Type
text/html; charset=utf-8
Date
Wed, 20 Apr 2022 02:07:03 GMT
Expires
Wed, 20 Apr 2022 03:07:03 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5842 		1 KB
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=250&slotname=3089906698&adk=1280429565&adf=3171381554&pi=t.ma~as.3089906698&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420421156&bpp=2&bdt=512&idt=382&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420421&ga_hid=161013570&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=2914&biw=1600&bih=1200&isw=300&ish=250&ifk=3799455184&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064018&oid=2&pvsid=1067251748401404&pem=129&tmod=813030052&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.cv3feg77v16r&btvi=2&fsb=1&dtd=393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72799
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 05:53:44 GMT
etag
48472445140208031
expires
Wed, 20 Apr 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8B74 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8501cab548cf8a5340cad45857aadc7d8771f0f87f5d882f34d9d4b89f68f36

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
jquery-1.9.1.min.js
code.jquery.com/ Frame 7E10 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.9.1.min.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017003&s=201702000008&t=1650420408428&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&o=KnUkW&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
https://ssp.hinet.net/
Origin
https://ssp.hinet.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:03 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-169d5"
vary
Accept-Encoding
x-hw
1650420423.dop135.fr8.t,1650420423.cds281.fr8.hn,1650420423.cds250.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
32772
zone.js
apn.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame 7E10 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUut9M-f
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017003&s=201702000008&t=1650420408428&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&o=KnUkW&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
e0637f512c3a09fa700cdd0aafbde00eaa0fe40da6f70909261569e6f5244518

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:04 GMT
via
1.1 google
server
nginx/1.19.0
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
view
securepubads.g.doubleclick.net/pcs/ Frame DD7E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_8Hxv9-gOH5F_9SEi3ckpdIS4uCubzOsMqY2bEnMtjB6abfJQcjj7leHm5q3DDasHvkiwDiUz-1P31T_W_b7A0m--YAiXIW-ejGJ_XoYhXiA0wuJrvzfAT0xoywhiEvXuvQhFE0gHMZIaoCcVdPFnCVOsWa7V1aUCAXKx6gl9QRpgLmZ_lJySsj3WatOijcxTrZat7AhdM3R3UIWoZtqjtP1TQj0Y6gwSKw9rrqfzpDviDhvt-EKYQolU0V6yB5bkK8D3qWOf0jxaWYDdJj-hNlMsFEeftcif55XpfPnrHk4SHvz-E717V1tC&sig=Cg0ArKJSzKh7XGltSp4xEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 20 Apr 2022 02:07:04 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0A46 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
16008
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 21:40:16 GMT
expires
Wed, 19 Apr 2023 21:40:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F3FD 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f5894bee4a3a0a114f90216615bf5f64f02fec0d26cca97a55ff7486202ef408
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SR6rwVOjJz6iZpL8egtVPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-SR6rwVOjJz6iZpL8egtVPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:04 GMT
expires
Wed, 20 Apr 2022 02:07:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cm
dmp.tenmax.io/ Frame F1D3
Redirect Chain
  • https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=979876830
  • https://dmp.tenmax.io/cmp
  • https://cm.g.doubleclick.net/pixel?google_nid=cacafly&google_ula=514624859,1650420424&google_hm=aXVCTFlNQk9FZXkwZUNXOXpKRmhlUT09&google_cm
  • https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESEDZLEnDXWBKYKPfneycuYN4&google_cver=1&google_ula=514624859,0
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESEDZLEnDXWBKYKPfneycuYN4&google_cver=1&google_ula=514624859,0
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
HTTP/1.1
Server
13.76.34.51 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:07:04 GMT
Server
nginx
Connection
keep-alive
Strict-Transport-Security
max-age=31536000

Redirect headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESEDZLEnDXWBKYKPfneycuYN4&google_cver=1&google_ula=514624859,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
plan
ssp.tenmax.io/supply/v3/native/ Frame F1D3 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.tenmax.io/supply/v3/native/plan?rmaxSpaceId=e25285a509b74249&referer=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&cacheBuster=84f193cf-8fc1-40ac-ba54-cfd5a3281f03
Requested by
Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
c1a3964c0064323da7e7666e43a8a5e57d63e12f30efe66d7f1d58ca850c1cf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:07:04 GMT
Server
nginx
Vary
Origin
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
https://times.hinet.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
4177
X-Application-Context
application:prod,aggregator,build-ext:58070
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 9DEF 		40 B
571 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash
2013feb290ee56dfc7e5ec62288b9cc6952b3774fcb0570545fae9377ec37c9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:07:05 GMT
Via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
40
X-Amz-Cf-Id
BxtFFfAQkMoreQuExlRNxMQj3SJYhqwTfZowVxmPJbhfP7-44B0Qkw==
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 9DEF 		40 B
571 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash
cbda26309731e9052cda082e4d70c2e28dd654d259651e356a59a69a5903c9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:07:05 GMT
Via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
40
X-Amz-Cf-Id
Ieu3DLw1Z70DUXgjSWoirIT8ISkO4U74h2tLV_vp1GBvghEny3b5lQ==
integrator.js
adservice.google.com/adsid/ Frame 9DEF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=player.svc.litv.tv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DA1 		0
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgbxExmpfYuiKHZe_3gO6gpuYBgAAAAA4AeAEAg&bg=!Hh2lHVnNAAZvJBiFTyQ7ACkAdvg8Whkkk-rOojeP5llUAmWOM5XQvCl0lNR-NeEkcjyglKNmhDvD4gIAAAQsUgAAAAJoAQcKAFGQVkEZYncGCP1e8jsmNhU71MZD6YjdfPINs5OeVwj7DUKpBCckWao5sBV8ww4EzYiAomvoMz9AyKg7gOWEBRWiwpA_cMLZiMbJfaf0_iVGRGCZAyfG_TsPRifNbgqyU_7mDCxpIjl8c7k5HrQgL-i0-NAGUuNZhhzp-giRRLnmgZq36Jf_lpEuqL9UIDZx1iZNye6uEOJdyqIRDsxUKBQSTjKJAYRZSfeN0wDC7NjIYzUagTLmDXvJUHNxTprveh5rvef_Pk5ELWqh6WcnyKrq7GaEhSZ096VVZen7DfFC0mngw_PXdWWwe_GsKX6cg-bc6VsGp_3H40VbLSyLvJ6xKx-pCgQLsiuaajKhfzWquQ304LV9IQQ5ZWGLWISue6m6JukfUl1sc94_il14RM1VXIZ6sJ7FNita5YdDQXlkfeOGCArkNyRGQHPt6uQtzAc7vFQ8sGNd8zI1s_UfFnUmf2XYhmdV8u5N4mQ1Ops4x6OIR7ZJOdTN6elDArJg5-mbJp9Mwqw_nBoe-R0sM2R8uLs8-FJiG7Do2Y285soro40D-oQHoXq8ydMA-XCOnjHJOls-ubJC5JvGVGRI5K-uuTDU9gpqmQFzT5oLBWuRIsTwtVGBhqzw2xEXkaKeSyOmSkjrQTuk4gu-KJIK2wOBiRwsCUe951JMMfHxTjG13WZXsvjxx2zP_kmfRgGSdubuxcrPBme1TNRsotb8BCUxuICQxq-iCB339PirQXhyvyQrgmGV5gGQ1Z4mc9TXDwMqO-qL-wGwfHu32hbGXfiMc8BHrrcYFGLueADic0Tyiwv7GLioLfnKzhXodud6LYJ10cTCbQzDJkAsfg-A2YCM8R-yTlGBkgapywdRnCU1u3-ox6vIcGWti529FrNnITDfhlVR_rY_vj2-yHCIxWgCp95SsZm_-fSjLIQe0gbtpc7jReDxsvInyufpjnQAExdSVhFq0hIAr72IC6jNIhB-mpCJUu2wf76OVGtXDgEZT2olVyXyP0nUF1PpXDpLjVIbcnJRuRBjiMkfDgdwezswGwOop1PMcoHJhTpPmB6kvztfGeNRAEecLq3fBsNsa87qjFvGJ8ISFN1Ltkw94Cpnvr6vHEiDe4MlR0ed7_8X3cyHw4ltjVwcYl4q81eUuiXquMSyGYg9WdhUkMwTtvYl4dBrezurWazBMvI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
300818
search.spotxchange.com/vast/3.0/ Frame F5BD 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/3.0/300818?VPAID=JS&content_page_url=https%3A%2F%2Fwww.hinet.net%2F&player_width=640&player_height=480&media_transcoding=low
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_zh_tw.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
3ad753512028ab9454846db78b92c123be24f761177422832bad76120e06a6cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Require
0.000318
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000006
X-SpotX-Timing-Page
0.010040
Pragma
no-cache
Date
Wed, 20 Apr 2022 02:07:04 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://imasdk.googleapis.com
X-SpotX-Timing-Page-Exception
0.000021
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.002544
X-SpotX-Timing-Transform
0.000309
X-SpotX-Timing-SpotMarket
0.002544
X-spotx-Exception-0-ID
MARKET_HALTED
X-SpotX-Timing-Page-Misc
0.002305
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
Content-Length
77
X-SpotX-Timing-Page-Context
0.003674
X-fe
128
Last-Modified
Wed, 20 Apr 2022 02:07:04 GMT
Server
nginx
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000854
generate_204
tpc.googlesyndication.com/ Frame CF41 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?fjPvXg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 7951 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?vByaQw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
perf
am-trc-events.taboola.com/salesfrontier-hinet/log/3/ 		0
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/salesfrontier-hinet/log/3/perf?route=AM%3AAM%3AV&lti=forced-qp-6_var1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220417-11_b2-PR-43648-DEV-109130-add-taboola-push-api-to-force-trc_-params-into-json-call-104bbd149d4-SNAPSHOT.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://times.hinet.net
pragma
no-cache
date
Wed, 20 Apr 2022 02:07:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Apr 2022 02:07:05 GMT
Via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
X-Amz-Cf-Id
FjJHc3hWA2dXM-f_Rq4RVud4FoATRPV9VsEQ9cfe5pWzbGMDT693pw==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Apr 2022 02:07:05 GMT
Via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
dqFcf5Wey5az35LdsbLmueLF0dxFl5z7fqQFpvRnYhh96vLqhmeleQ==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
pixel
cm.g.doubleclick.net/ Frame 5842
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMIsc2XGYqluwsMFe_WSp9I&google_cver=1&google_push=AYg5qPKY6NYKgRgTgbaLHsAtM5aIywNQcCDC2ZkSPYckPFNVYYqW9LYymc...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKY6NYKgRgTgbaLHsAtM5aIywNQcCDC2ZkSPYckPFNVYYqW9LYymcrkUwsAFHLm5KbcFwhee46FUtjW1q4XS4fqcw3IuV3d_Q&google_hm=4Xfhv2FTLX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKY6NYKgRgTgbaLHsAtM5aIywNQcCDC2ZkSPYckPFNVYYqW9LYymcrkUwsAFHLm5KbcFwhee46FUtjW1q4XS4fqcw3IuV3d_Q&google_hm=4Xfhv2FTLXwtWGktNPRKTw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=250&slotname=3089906698&adk=1280429565&adf=3171381554&pi=t.ma~as.3089906698&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420421156&bpp=2&bdt=512&idt=382&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420421&ga_hid=161013570&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=2914&biw=1600&bih=1200&isw=300&ish=250&ifk=3799455184&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064018&oid=2&pvsid=1067251748401404&pem=129&tmod=813030052&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.cv3feg77v16r&btvi=2&fsb=1&dtd=393
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKY6NYKgRgTgbaLHsAtM5aIywNQcCDC2ZkSPYckPFNVYYqW9LYymcrkUwsAFHLm5KbcFwhee46FUtjW1q4XS4fqcw3IuV3d_Q&google_hm=4Xfhv2FTLXwtWGktNPRKTw
pragma
no-cache
date
Wed, 20 Apr 2022 02:07:04 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5842
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEBRrILT_-tFmwu1iT17rtUs&google_cver=1&google_push=AYg5qPIFowFosZUi68s7hkI30NwhrMRslvAMJBA5VNh1jasCfjJ0iBKPKRYGF-ihiZmZghZWSNHUFJbvzvtTHlUsEsoa4bceLg3Ugg
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIFowFosZUi68s7hkI30NwhrMRslvAMJBA5VNh1jasCfjJ0iBKPKRYGF-ihiZmZghZWSNHUFJbvzvtTHlUsEsoa4bceLg3Ugg&google_hm=Q0FFU0VCUnJJTFRfLXR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIFowFosZUi68s7hkI30NwhrMRslvAMJBA5VNh1jasCfjJ0iBKPKRYGF-ihiZmZghZWSNHUFJbvzvtTHlUsEsoa4bceLg3Ugg&google_hm=Q0FFU0VCUnJJTFRfLXRGbXd1MWlUMTdydFVz
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 02:07:04 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIFowFosZUi68s7hkI30NwhrMRslvAMJBA5VNh1jasCfjJ0iBKPKRYGF-ihiZmZghZWSNHUFJbvzvtTHlUsEsoa4bceLg3Ugg&google_hm=Q0FFU0VCUnJJTFRfLXRGbXd1MWlUMTdydFVz
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 5842 		42 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLjJgxY2bvI74qN2cG1o1UqQolgKl2vE3WSEHbOYqFL2Us2SMg8yBY0Mx8kdh6d-z8X3gwLQJibdDYhlma-LFhCBN6_ZyYNjw&google_gid=CAESELULovubTG-T5E-2mxtWiak&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=250&slotname=3089906698&adk=1280429565&adf=3171381554&pi=t.ma~as.3089906698&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420421156&bpp=2&bdt=512&idt=382&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420421&ga_hid=161013570&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=2914&biw=1600&bih=1200&isw=300&ish=250&ifk=3799455184&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064018&oid=2&pvsid=1067251748401404&pem=129&tmod=813030052&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.cv3feg77v16r&btvi=2&fsb=1&dtd=393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:04 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
pixel
cm.g.doubleclick.net/ Frame 5842
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IoyaC54qQz6mybnIeIjyzQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IoyaC54qQz6mybnIeIjyzQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKpds_y-z_q8b5aSfj5o-TGAuGlTY3K9s9kiCr0G2cqzf049tXJMLL-hYczPmNYbZ5UsoS1tAT8xDboDIeRQMFeJ1k6-b8d
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=250&slotname=3089906698&adk=1280429565&adf=3171381554&pi=t.ma~as.3089906698&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420421156&bpp=2&bdt=512&idt=382&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420421&ga_hid=161013570&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=2914&biw=1600&bih=1200&isw=300&ish=250&ifk=3799455184&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064018&oid=2&pvsid=1067251748401404&pem=129&tmod=813030052&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.cv3feg77v16r&btvi=2&fsb=1&dtd=393
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IoyaC54qQz6mybnIeIjyzQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKpds_y-z_q8b5aSfj5o-TGAuGlTY3K9s9kiCr0G2cqzf049tXJMLL-hYczPmNYbZ5UsoS1tAT8xDboDIeRQMFeJ1k6-b8d
date
Wed, 20 Apr 2022 02:07:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 5842
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKNqyZwWUM33eFnGlhHyw4Y&google_cver=1&google_push=AYg5qPJZpR9TMnQ4nvvZoWRcP0rbBeoSF2ImmBFJuMRC5w0QsfB1dLHqiJwua0Vft4OkdO-Cu5O...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI2WFBIWlAtRi1ENTZY&google_push=AYg5qPJZpR9TMnQ4nvvZoWRcP0rbBeoSF2ImmBFJuMRC5w0QsfB1dLHqiJwua0Vft4OkdO-Cu5OvkQn1aV_E5yfVAvAq602CuYKj3g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI2WFBIWlAtRi1ENTZY&google_push=AYg5qPJZpR9TMnQ4nvvZoWRcP0rbBeoSF2ImmBFJuMRC5w0QsfB1dLHqiJwua0Vft4OkdO-Cu5OvkQn1aV_E5yfVAvAq602CuYKj3g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=250&slotname=3089906698&adk=1280429565&adf=3171381554&pi=t.ma~as.3089906698&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420421156&bpp=2&bdt=512&idt=382&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420421&ga_hid=161013570&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=2914&biw=1600&bih=1200&isw=300&ish=250&ifk=3799455184&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064018&oid=2&pvsid=1067251748401404&pem=129&tmod=813030052&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.cv3feg77v16r&btvi=2&fsb=1&dtd=393
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI2WFBIWlAtRi1ENTZY&google_push=AYg5qPJZpR9TMnQ4nvvZoWRcP0rbBeoSF2ImmBFJuMRC5w0QsfB1dLHqiJwua0Vft4OkdO-Cu5OvkQn1aV_E5yfVAvAq602CuYKj3g
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 5842
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz...
0
0
googleredir
googlecm.hit.gemius.pl/ Frame 5842 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 5842 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L5fbRfY2tUvRBRI-A9w5218TuMqkuf8q5UvKu9MmmQqDTFSbj5AQvmTbtYopUuVC6XcjHHcg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=250&slotname=3089906698&adk=1280429565&adf=3171381554&pi=t.ma~as.3089906698&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420421156&bpp=2&bdt=512&idt=382&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=7627605533712&frm=23&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420421&ga_hid=161013570&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=2914&biw=1600&bih=1200&isw=300&ish=250&ifk=3799455184&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760332%2C182982000%2C182982200%2C31064018&oid=2&pvsid=1067251748401404&pem=129&tmod=813030052&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.cv3feg77v16r&btvi=2&fsb=1&dtd=393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
S-250x250.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame F8BD 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-250x250.gif
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=68008600011858500951399011935006&a=9524f9c0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.75.147.170 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3133977.ip-51-75-147.eu
Software
nginx /
Resource Hash
e05b9834df0231f80a8574f9737b6b0157a98d4a0f86d460912076738f8abb2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:07:04 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:52 GMT
Server
nginx
ETag
"5b55f218-10074"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
65652
request
ssp.tenmax.io/supply/tracking/ Frame F1D3 		0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.tenmax.io/supply/tracking/request?bid=92c0be50-c04e-11ec-8a07-cdac3515926f&chid=38b21df4e61c4e90&sid=e25285a509b74249
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:07:04 GMT
Server
nginx
Connection
keep-alive
X-Application-Context
application:prod,aggregator,build-ext:58070
P3P
CP="CUR ADM OUR NOR STA NID"
integrator.js
adservice.google.de/adsid/ Frame F1D3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F1D3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F1D3 		40 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4120063644100244&correlator=3915887931734192&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&iu_parts=37275962%2Crmaxspace%2Ce25285a509b74249&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&ifi=2&adks=452296027&sfv=1-0-38&ecs=20220420&fsapi=false&prev_scp=adx_region%3DTWN%26line_item_type%3DadExchange&eri=4&sc=1&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&cdm=times.hinet.net&abxe=1&dt=1650420424157&lmt=1650420424&dlt=1650420422552&idt=276&biw=1600&bih=1200&isw=300&ish=600&adxs=1000&adys=3184&ucis=wp53htnmchfp&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=3&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&top=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=1746851889.1650420409&ga_sid=1650420423&ga_hid=2048786281&ga_fc=true&btvi=2&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
63b3699958cb888e6196932ce075e619d989f5705a2a705764e7b4a2df319902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10215
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal90006.redintelligence.net/ Frame F8BD 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90006.redintelligence.net/viewability?s=68008600011858500951399011935006&a=00979c02&vb=m
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=68008600011858500951399011935006&a=9524f9c0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/request_content.php?s=68008600011858500951399011935006&a=9524f9c0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:07:04 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame F8BD 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/gif
dc_pre=CPne3pjHofcCFTlIHQkdR48Lcg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9026309386152.87
adservice.google.com/ddm/fls/z/ Frame 6251 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPne3pjHofcCFTlIHQkdR48Lcg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9026309386152.87
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPne3pjHofcCFTlIHQkdR48Lcg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9026309386152.87?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Apr 2022 02:07:05 GMT
Via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
X-Amz-Cf-Id
wLYNlLyJpijQ713ZxxT4zh8XkDxDAVhCCJSNMdMbPyArHSWvEhkVaw==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Apr 2022 02:07:05 GMT
Via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
X-Amz-Cf-Id
ehDQI8pgEiLDX3ozQbG-mznE5CQ8BhM4M4icjA6O8Z1Hz_PsfOehVg==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 9DEF 		40 B
571 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash
54868d1414fbbfd90c33e55ff9ba852bb3a89103446cfc04c863e61d76c67537
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:07:06 GMT
Via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
40
X-Amz-Cf-Id
T_p94vC4dh3bJJoA6v93WSnxaP98e6bUgLNudb_uf1csxJKoYGDuIg==
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 9DEF 		40 B
571 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash
54c71ffd5895d4c68c43d4e95d07b054538cdea0b23935b46522507b44888466
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:07:05 GMT
Via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
40
X-Amz-Cf-Id
sKfWIfMc_vDuiz2qg4H9XiZ1nYgTHJdJjaL1HeNot6o5zTX0mRK0EQ==
integrator.js
adservice.google.com/adsid/ Frame 9DEF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=player.svc.litv.tv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zone.bid
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame 7E10 		241 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.bid?acid=LaWLuHDKDi6AkkT0xWpfYg&hzid=HUut9M-f
Requested by
Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUut9M-f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
36e29c3f1bde596e1659a920761392797413c87a4371aed685da7963d3dc6f0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:05 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
241
sodar
pagead2.googlesyndication.com/pagead/ Frame F3FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041301&jk=4120063644100244&rc=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
ads
googleads.g.doubleclick.net/pagead/ Frame F5BD
Redirect Chain
  • https://ad2.apx.appier.net/www/delivery/vxml.php?zoneid=9704
  • https://gocm.c.appier.net/avnet?url=ad2.apx.appier.net&zoneid=9704
  • https://ad2.apx.appier.net/www/delivery/vxml.php?zoneid=9704&acid=LaWLuHDKDi6AkkT0xWpfYg
  • https://googleads.g.doubleclick.net/pagead/ads?ad_type=video&client=ca-video-pub-1740840196959600&description_url=https%3A%2F%2Fwww.hinet.net&videoad_start_delay=0&max_ad_duration=30000
0
0
l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
pagead2.googlesyndication.com/bg/ Frame 0A46 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 21:22:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
17055
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 21:22:49 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A2B7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTNoPetSDVbYbKuOcdEi6VBa4nhL754I6N8Dp2Kt82G5uHmlGw2uE3NDVRrj_cPHg1qv_Cll9DRs4Le7QVW-RTpIgA-15JQHLeRiioC2k66MySUbJzFmxDRvakvUX2rBpLYWexiVa1QCTeRVckVyGIKAcuvjrpdYMkLzdsv9kf5PCgfteVHZKSK7EZt8PLWfmD6xt1K5fnQv7uE-YJTvFV_oCBh9UF7A45zWSKFxJorOE_2-bV2rzayfNaADY3mhEZRiXIXveS90W7upqL4jq7uQaYR4adjmklDXWZ4DAaMjXVzSMU5RjoJlnmROBUmFk5YT4v4_M&sig=Cg0ArKJSzDiBNcSAXDj6EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 20 Apr 2022 02:07:05 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A2B7 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220413&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8dbd124a1ef2f834ae1ad736b35d6ddd31321f4d364a6a5105a5f5257fd03da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10498
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame BD28 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe2fa8dca0cf66431ed928d0b6078f15bc2ab302ce927dc71de86eba347d59ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10517
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BD28 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:07:05 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A2B7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:07:05 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame 4C5C 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
312296
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 4C5C 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
312296
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 4C5C 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
312296
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 4C5C 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
312296
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 4C5C 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
312296
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
truncated
/ Frame 4C5C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e19cb4c643aa630f4356fdcc3dbd0a76c864397a3aa998cecbc0877cf0ea23a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
2661119851844181999
tpc.googlesyndication.com/daca_images/simgad/ Frame 4C5C 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/2661119851844181999
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
268a8ea6d55ccb129aca1b77c92c52358ab8bd762b3f95a0fe831fc3c0cf8db3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 22:44:20 GMT
x-content-type-options
nosniff
age
184965
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75734
x-xss-protection
0
last-modified
Sat, 07 Aug 2021 06:07:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 17 Apr 2023 22:44:20 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4C5C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 18:18:23 GMT
x-content-type-options
nosniff
server
cafe
age
28122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
7688947696963022458
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Wed, 20 Apr 2022 18:18:23 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4C5C 		344 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
32880
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 20 Apr 2022 16:59:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4C5C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjmSDyGpfYvOnNeKS7_UPmsKmgAn4wp-MTs7UsY3UAY6-4oOMAxABIMqm3yVgleKQgqAHoAHayq_PA8gBAqkCYlyTrzAZsj7gAgCoAwHIAwiqBIYCT9Do7BxK-rOtCVlahBaCXtTPcZ0S4b1-pxjsqtYclKEOqaGUK4JtrgdWdjFI6zACnTpU_Lu2-9u2u-EnUQ1iM7N-v-t7aD2skFi3tKnEfQAyaqDkk8ttiXIgPWFjDPvtFhF-bGtbo5Pi168tSh0E_ZLCu3NGUjej-kNixWvtUX1_NzPb8paTQ3SuNJ1kY2MoJ3dCW-IQvl-KMP1G6YG8otwaQ7z1qEYi4bYywtvf9lzwA2xu3BLuWAJm5_DXm-fxasLKhynRPCjip_9Ehx6RwMiVQAnXmn69MRCDiqR3tGE5jDnM_teQsYTW2ydzVjMwwTxvOu1iJaf0xZ0EmS7t-kRVPigbwMAEvrvOozrgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHjrXQMKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELaNCtIICQiA4YAQEAEYHYAKA8gLAdgTAtAVAYAXAbIXHgocCAASFHB1Yi00MzM4MjU2NDM5NjI2MTQ1GOqPGA&sigh=Dwl42ChSjm0&uach_m=[UACH]
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
impression
ssp.tenmax.io/supply/tracking/ Frame F1D3 		0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.tenmax.io/supply/tracking/impression?bid=92c0be50-c04e-11ec-8a07-cdac3515926f&chid=38b21df4e61c4e90&sid=e25285a509b74249&lineitemid=5342308983
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:07:05 GMT
Server
nginx
Connection
keep-alive
X-Application-Context
application:prod,aggregator,build-ext:58070
P3P
CP="CUR ADM OUR NOR STA NID"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 461E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
16009
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 21:40:16 GMT
expires
Wed, 19 Apr 2023 21:40:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C3D1 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7f255aa8888e002b0cddb9a5f559b41b6211ac3f3b4d4005cc94eb4976d44b1d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-B+UcQ0yH5PFpDouPAq70ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-B+UcQ0yH5PFpDouPAq70ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:05 GMT
expires
Wed, 20 Apr 2022 02:07:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0C5C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
16009
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 21:40:16 GMT
expires
Wed, 19 Apr 2023 21:40:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CA38 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
20438e26751d31bcadf3543f9e2736b1680e5cbda218ba7a8e2aa7cd8cda935a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RT7Qf2cSPeJJ7SWuwJ5lyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-RT7Qf2cSPeJJ7SWuwJ5lyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:05 GMT
expires
Wed, 20 Apr 2022 02:07:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
fpc
pmp-beacon.apx.appier.net/v1/ Frame 7E10 		12 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pmp-beacon.apx.appier.net/v1/fpc?type=apn&event=pageview
Requested by
Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUut9M-f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer
https://ssp.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Apr 2022 02:07:05 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ssp.hinet.net
access-control-expose-headers
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
gcm
gocm.c.appier.net/ Frame 54A0 		42 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gocm.c.appier.net/gcm
Requested by
Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUut9M-f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.162.58.205 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1471-205.members.linode.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:05 GMT
cache-control
no-store
server
nginx
content-type
image/gif
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
arjs.php
ad2.apx.appier.net/www/delivery/ Frame 54A0
Redirect Chain
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=667&id=id0jmux32qfexrqfq
  • https://gocm.c.appier.net/aanet?id=id0jmux32qfexrqfq&url=ad2.apx.appier.net&zoneid=667
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=667&acid=LaWLuHDKDi6AkkT0xWpfYg&id=id0jmux32qfexrqfq
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=667&acid=LaWLuHDKDi6AkkT0xWpfYg&id=id0jmux32qfexrqfq
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017003&s=201702000008&t=1650420408428&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&o=KnUkW&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
f6ed1081dc46c8dbdc17e7c873db3e58587849da57c9dbcd9d0083a20f058c07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:05 GMT
via
1.1 google
server
nginx/1.19.0
cache-control
no-store
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8

Redirect headers

location
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=667&acid=LaWLuHDKDi6AkkT0xWpfYg&id=id0jmux32qfexrqfq
date
Wed, 20 Apr 2022 02:07:05 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
139
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
sodar
pagead2.googlesyndication.com/pagead/ Frame 6597 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041301&jk=4083487652389881&bg=!DQ6lDkrNAAZvJBiFTyQ7ACkAdvg8WsemMTLeKcqKrRKKuHEJF2qD1YKZsD2-cInANoUTB9f-B1W-pgIAAAGoUgAAAANoAQeZArmwUgBbuut0Ii50T9z9VqYtQxHcT9ThLJq1ugKDuVlVu-KjA8c5qeqdsO1q4OECbk6S0sJqO1SmRWw4u3zoh178Yk9GRdSTWZ4QjTd6PS-28cTUFy5c_tB-Nhb5KAMYZvn_kQ1-OOEngzQS1O6G_Uqqe3UWgHF249hBjJj1q9h1SK4_pDzTSzftJFYIs-NXrri91RafmNg-srmHdWIrwQ6_Yd_vGHdNpAIZgXLmYh-KdLi-ZkMFQmNb60Xb30c7rqdBCXvuMkAVLFStCj5fvBWyDisbyH3mZtvA0PaOdcfC_IJjy64VvQt4Y1Rd6AynDwl1LeBmkFobI0Nebw9rk7WjU72n8ievn6A2GHlC_UvVcbOBzcbPKuyItQLILpEyCps3t4-r65r8VI1ipcorgcDJHkmQ-XpNOiYk-NON9iGED6CcFsj4NNrG_iZers9qzPOhnEIRQdj899zecKkcD53ALqyl1gas2BdFeuOYI9bh652q-7ZDAvJy2wNuivs-xcIyDmouonmxIPhzKJHETTgNRpEtdzj-029e6mms0ShXx-AG1LVSO_B_GU8FT74xF2oXL73ssHqJYGOU4A0_5dyprCreR13OcoLrCG3TsGPsICke8HaI2QW2B9zQicL83yiEggenG6kAJey6Z63XBIdlKVeyGOCEO1BOR7ntkWFxY2sz0zAtfs_EYtAJeQC9x24E85Q3EtP9D6Psy_FQ2Nm08pmTCT7rQhrMbz7QKWjYOnSgPjF3nY5oVTZDZpR1p-aeqnxkepdBEFwe2vuQTY7vwRR84EPh3YZaNyB5HsopP0gRpxH-wTI5Eu_ViiMKdv5NvZTwsAXPRnEj5c26EguTx6SAsV1wsmaMmrC20TVvcxIpeB19ori8iem6MakNlG-yyH8pFtmf3bBgO2mq44VrFn4Rsjparq0D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame A18F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041401&jk=1452125250450796&bg=!8vGl8bXNAAZvJBiFTyQ7ACkAdvg8Wu6y4Wg_j95kazDNm6ilEQ2Xg-HJvr5kCcB6SgQj5HnpcsuXagIAAAHNUgAAAANoAQeZAtDkbTFL7Iepr1CO3QOmVqp4V5nworCEbAUAVmd4AXNRaeHkTmWt8B2nsg3znEAi4N63WO776bnmp8eyH0899PDVuFfbgsjb7l_shS-10AoHIRq2RihM5VrbDQOajd1l_Mx7ZUEF5Gf0ylmbF-RSvVAaet5ptqyNqav-OOy-9g7mS0juXnpERBHO5sLGpq1I5H26_cPJCgimi5c43vhOG-40YVI1wFO515aGF0gZi9wRhvSHrRnwMVAsuG5EiSV4OHLrN6YQZ3cqcnST9RC4gvyNrRNt7g8yCgjT1j4zR6tt62xHcMO8PUVJbrS_rRucqrJNID2nRZgW7kjtAZGhf0mOQsAutJkOE2kt_5etqschhl1W3DiOGPFzkykIX4ZPhOqy0eAvwUcd20mU3cPjXpSCxPbHjapCCTwz16wvf_XscWvkgx80Wy42-M_e_B-29eMqtPk6Mf1CsMgPIjs1KyTIz0l3ECytfG0rKVGKgcGH86dDteZ1gpeWKSUPIeY9TaSbV9EmKkJo6cwrVdxsCCdDpMDl77rgcPlkS3eDo6mNo9F31tkA9qF-qj3v1hm80UZuVsP955trbnr6hnjq6Al6ZdWgKf2xWU2TDMCzqIG2YumiZWPzfr9bxCYjKivAyFOvgFTcvzvp4yjn9NSMNBUkvfH6b_6YhLBnNHegNFalX8J7qadZ6NfLicBjZBQ5MVAnlTPv4bWuO5suyPjmGX5OSwx9B-fjbI3NgdNo5uKF3tyUXqofByHU1IOA_uuBTyZwsKToI0WPNWsp6h6ouxpJxDpAww3lGOyY59EFXfLXb2BCBTpPyz2cKrEjFIfvS9_JAQOSVapW4oYE823cZxdrT3FnGKvJDkp-o01GhAsgb27k9KHs2Feu7CFvaApjlofV6Ac1pdrGh3kQNJyF6PlaC5G4FYRULjQjwrEEmzgF8y1XzvnCR2Klt3zDe7Nw0w4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
third
ssp.hinet.net/api/web/ Frame 6597 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/third?c=2017003&s=201702000041&th=29&wc=3133
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:05 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
third
ssp.hinet.net/api/web/ Frame BD28 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/third?c=2017003&s=201712000007&th=29&wc=3131
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:05 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
generate_204
tpc.googlesyndication.com/ Frame 0A46 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?bZ6eJQ
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
dc_oe=ChMIhYzlk8eh9wIVkcp3Ch3DAw9XEAAYACCHsq5KQhMIybXFk8eh9wIVS-y7CB34jgXO;met=1;&timestamp=1650420424980;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 559D 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIhYzlk8eh9wIVkcp3Ch3DAw9XEAAYACCHsq5KQhMIybXFk8eh9wIVS-y7CB34jgXO;met=1;&timestamp=1650420424980;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2661119851844181999
tpc.googlesyndication.com/daca_images/simgad/ Frame 4C5C 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/2661119851844181999
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
268a8ea6d55ccb129aca1b77c92c52358ab8bd762b3f95a0fe831fc3c0cf8db3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 22:44:20 GMT
x-content-type-options
nosniff
age
184965
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75734
x-xss-protection
0
last-modified
Sat, 07 Aug 2021 06:07:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 17 Apr 2023 22:44:20 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4C5C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 18:18:23 GMT
x-content-type-options
nosniff
server
cafe
age
28122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
7688947696963022458
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Wed, 20 Apr 2022 18:18:23 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4C5C 		344 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
32880
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 20 Apr 2022 16:59:05 GMT
third
ssp.hinet.net/api/web/ Frame 1B1F 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/third?c=2017003&s=201712000006&th=77&wc=1394
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:05 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
sodar
pagead2.googlesyndication.com/pagead/ Frame C3D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041301&jk=3036698653969843&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame CA38 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220413&jk=1067251748401404&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
pagead2.googlesyndication.com/bg/ Frame 461E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 21:22:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
17056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 21:22:49 GMT
l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
pagead2.googlesyndication.com/bg/ Frame 0C5C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 21:22:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
17056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 21:22:49 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F5BD
Redirect Chain
  • https://ad2.apx.appier.net/www/delivery/vxml.php?zoneid=9704
  • https://gocm.c.appier.net/avnet?url=ad2.apx.appier.net&zoneid=9704
  • https://ad2.apx.appier.net/www/delivery/vxml.php?zoneid=9704&acid=6POSlhyLBM-mHVlSympfYg
  • https://googleads.g.doubleclick.net/pagead/ads?ad_type=video&client=ca-video-pub-1740840196959600&description_url=https%3A%2F%2Fwww.hinet.net&videoad_start_delay=0&max_ad_duration=30000
0
0
fpc
pmp-beacon.apx.appier.net/v1/ Frame 54A0 		12 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=667&id=id0jmux32qfexrqfq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer
https://ssp.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Apr 2022 02:07:06 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ssp.hinet.net
access-control-expose-headers
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
gcm
gocm.c.appier.net/ Frame A479 		42 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gocm.c.appier.net/gcm
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=667&id=id0jmux32qfexrqfq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.162.58.205 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1471-205.members.linode.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:06 GMT
cache-control
no-store
server
nginx
content-type
image/gif
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
/
ssp.hinet.net/api/web/request/ Frame 7E10 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/?c=2017003&s=201702000008&t=1650420408428&u=645f1f83-8da9-451c-b42f-b9f76357727e&o=KnUkW&show=static&ca=&k=&cab=&kb=&mode=roll
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017003&s=201702000008&t=1650420408428&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&o=KnUkW&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
6de75ae6e3cfae82344f263f632489e5773544b72735737b8c7aa98314a3d119

Request headers

Referer
https://ssp.hinet.net/api/web/request/?c=2017003&s=201702000008&t=1650420408428&u=7536927f-270b-7ca0-ddf6-9ac9caf6ad67&o=KnUkW&show=static&ca=&k=&cab=&kb=&mode=roll
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ssp.hinet.net
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Apr 2022 02:07:06 GMT
server
nginx
vary
Accept-Encoding
generate_204
tpc.googlesyndication.com/ Frame 0C5C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Nrrskw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 461E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?BS7X7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame F1D3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041301&jk=4120063644100244&bg=!h4SlhMDNAAZvJBiFTyQ7ACkAdvg8Wg1FZwP068luYbmG-gDPaCgX-KpNub-fxbAx7nPqNh-9oOGsOAIAAAMCUgAAAANoAQeZAvRS5VlBWu-Z02PIK1lnKUFsZsF81QEIsGX-g_A1KxvcGo_69QvcC0xWrb4UkR4Hq8BDsAjEv0E8puElhZkXjkmzkY3QXvpS0vO0ofegpA7BcTxpKzinUi3hCegiQEpxZQxP8VyxVXiaqFU2f9MigsEo0ACrVo3C6Fwof7MPUOQY6ApFdVLUrc1uhs_ypWPaHNks46jnlEJBH7Y1VPFRUalhFjRjts9Zpn6IEWlgJ1i_ciWaEKcvmLtjN90p8qYWEqigf4lIQZv5DN9gHyo4Oixe7PjZUmghfAEk7gxVx_Tj32R9u1XGl9R4QF83KuoNFQykxPmhX3bu1Ty9NdY7lHT81lutcpsza1bDxqh9vzVX7gdjNuzH8I_13Ma5iW9neribt6Vptkwnh_ECy5BpwEL8GgNaoX-x51XC0bOkEiMO7pB6APx0eqi5iC-P-lP1E8AggvyrwG1t09wlNgm3VqyrCHW7PotfDDJ5L8fYSFSXVADsDg5_fGvpGvcj75lhbMVPiYA-tWOoh3YLBFMBUHuvW8t-jK5TACoqbJeKsUBNQkVS66712_b53MJPmPBVX487VD9YTNvwPsfmF66X9Yf1CfZ9jWab3VT0U72fm9OOWl70fO1yReL3YnAn3f1julh74P1bEr_6UXsqS-hZ-YS9wPd_OVEq2QB2HJuQQLPNMFvdw9NeLpHrsGuVWhp07sEgiRelrvpSnuFe4sYw6IVqKKOTPEPLujUBi2mI3RDyC1h1qTM2Wp4x-Y76OjP-nL-3fuKycvjhg4VwDaBrjUhluOApsIoUJdUWfrAd3yhQfhCnm5Ca_NLHbVSixu8lEJv9ir_ATVZAzeMOsYGiOlScysaIqgHgvYgaFVV49FF3xjLuscCHOGqAkQG0ACyaVc2QyTaNK_hv68XMn16508zo5MfHETXGfNKLGZqz2JmAk6WwXgr6fojowLhNZvsL2_IUTszJyw6Mw-tEsw0XRQvwUrWcixouLb-rAgjx0ZsPccPSmdE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
jquery-1.9.1.min.js
code.jquery.com/ Frame 7E10 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.9.1.min.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017003&s=201702000008&t=1650420408428&u=645f1f83-8da9-451c-b42f-b9f76357727e&o=KnUkW&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
https://ssp.hinet.net/
Origin
https://ssp.hinet.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:06 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-169d5"
vary
Accept-Encoding
x-hw
1650420426.dop135.fr8.t,1650420426.cds281.fr8.hn,1650420426.cds250.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
32772
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7E10 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017003&s=201702000008&t=1650420408428&u=645f1f83-8da9-451c-b42f-b9f76357727e&o=KnUkW&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
5953ef77e50c18a1d13dfc5bf7ada74434192f93324625497e5e651079e0df16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28522
x-xss-protection
0
server
sffe
etag
"1191 / 224 of 1000 / last-modified: 1650406063"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Apr 2022 02:07:06 GMT
pubads_impl_2022041401.js
securepubads.g.doubleclick.net/gpt/ Frame 7E10 		362 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
108a5ee6306c726271c490dceca48e5fb5a148ea41fcb9fe55cd5d348f16eb57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 20:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125916
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 08:34:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 19 Apr 2023 20:33:59 GMT
integrator.js
adservice.google.de/adsid/ Frame 7E10 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ssp.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7E10 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ssp.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7E10 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=916938650705493&correlator=3345876542400982&eid=31063378%2C31067165%2C31067150%2C31066184&output=ldjh&gdfp_req=1&vrg=2022041401&ptt=17&impl=fifs&iu_parts=33575001%2Cportal_niusnews300x250-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2798357613&sfv=1-0-38&ecs=20220420&fsapi=false&sc=1&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&cdm=ssp.hinet.net&abxe=1&dt=1650420425964&lmt=1650420425&dlt=1650420425768&idt=164&biw=-12245933&bih=-12245933&isw=300&ish=250&adxs=0&adys=0&ucis=ox2tz4mf5ghg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%2F%3Fc%3D2017003%26s%3D201702000008%26t%3D1650420408428%26u%3D645f1f83-8da9-451c-b42f-b9f76357727e%26o%3DKnUkW%26show%3Dstatic%26ca%3D%26k%3D%26cab%3D%26kb%3D%26mode%3Droll&ref=https%3A%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%2F%3Fc%3D2017003%26s%3D201702000008%26t%3D1650420408428%26u%3D7536927f-270b-7ca0-ddf6-9ac9caf6ad67%26o%3DKnUkW%26show%3Dstatic%26ca%3D%26k%3D%26cab%3D%26kb%3D%26mode%3Droll&top=https%3A%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%2F%3Fc%3D2017003%26s%3D201702000008%26t%3D1650420408428%26u%3D7536927f-270b-7ca0-ddf6-9ac9caf6ad67%26o%3DKnUkW%26show%3Dstatic%26ca%3D%26k%3D%26cab%3D%26kb%3D%26mode%3Droll&frm=8&vis=1&scr_x=-12245933&scr_y=-12245933&psz=300x250&msz=300x250&fws=260&ohw=300&ea=0&ga_vid=1746851889.1650420409&ga_sid=1650420426&ga_hid=494824118&ga_fc=true&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
344f0443250af5db0e81793a8913364a3f0973e31a082cdae9b396b88e605683
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8816
x-xss-protection
0
google-lineitem-id
5753961312
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138372979429
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ssp.hinet.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ed759e07329150df5cf259c3fece2575.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C2A4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ed759e07329150df5cf259c3fece2575.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ssp.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:06 GMT
expires
Thu, 20 Apr 2023 02:07:06 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame E69F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss78BFI-imsx2vhHGX7avW_o4QPHMQRdiJvpGMIS7mi9TugWtscYsAQg6li7npdC7gpsyrEaWzixpo9lUimYEz32tc1IvqwBWvdguI2IZLVjbivkz2NXoLyAfEzfL2qV7uoip8HY9Rb6wg0wXGKCEDFG9UmbhIBEav4SWcHaJMOmWCenbXijiBPH5V2oP86r_XKD75OqGWgs11cYsewVajGDdeOCAXG7cgZWJRUmEJpiFUHCc03Vd1alqNPBYCnHHBlv-tpBFMRSBANGpgx8hY2GR5OTi5b7-lBUHzqqgz4JR3f_kiPxdzRZzhU93okobnwWQ&sig=Cg0ArKJSzI7723zsQQtAEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/23869533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
admax_api_https.js
web.ssp.yahoo.com/js/admax/ Frame E69F 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/js/admax/admax_api_https.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
d77b5fa8ab16e810b58ac909b4ad45c6568dfc3ff491d16567fce40288bf087d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:06 GMT
last-modified
Tue, 19 Apr 2022 17:32:25 GMT
server
ATS/9.1.0.33
age
0
accept-ranges
bytes
content-length
2651
content-type
application/javascript
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E69F 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650281421154365"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:07:06 GMT
adServe.do
prod-m-node-3113.ssp.yahoo.com/admax/ Frame E69F 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod-m-node-3113.ssp.yahoo.com/admax/adServe.do?cTag=ad460388&dcn=8a9694f0017d7d25311527e135cf0046&pos=8a9699a8017d7d294f872b70cab1003d&secure=1&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/100.0.4896.75%20Safari/537.36&of=js
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/js/admax/admax_api_https.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.21.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-21-97.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
1df3be3556d585937fd2199871dabb55c715d7e64c9f744c774ccc5a81c2efac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:07 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
server
nginx/1.20.1
content-type
application/x-javascript;charset=utf-8
content-length
3052
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A2B7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220413&jk=1067251748401404&bg=!UlGlURXNAAZvJBiFTyQ7ACkAdvg8Wjlcet3SW5qe55Z-bIp0TQBJbMz5TkmSzUX26QzFVm8EHNyf3wIAAAFYUgAAAAVoAQeZAtHJzk7gbAGYTEtX3lTTIgSLdL3R8-7uaPedCR3Wwo22bYVIhCsHaAiaeR9zH9a-DsBKeoRUE5wIP5cBZ6RJbLJMWHOXc1_LbJdBTD2cti2Pppisq6WZJtaVVi73PefdnbF2WkPS16S-gS27rMcFhQYg0I1Na293Fs9Yzxlmtmc380io384W57yY4UF3tVclI9cvOx7AiycoFYFpOKylfdPGDjLRbmOm8vAe55HAgrD7iX4wGYSwyIVHLa1nfwrVLRU41cLyp07hF2oYi_Qdg3yVn7xldzaArvBaHlm3uQUEmo5FK_7cgZWb5-d8Oc1-7JXpk4_Yuzc6vrKhxqd7cpMRvSGbwSYseQfYYzE5gKcCBk9afOHLtbBbQK7OWcvwUsVRIYZgS6JBC5fP5PrPKUXgv3HYVBX0fay-ikSjhZq0LTiLpblDdiM6cnbJplOxEX7AmgH8m70W-Hgm7dyxuqqvkiaaMZhYvs9Aa9W_SHkBx-HcqcMxmmYmUf_PwkwmKLoga9HJjKPAvGcRmoVeKiZVqFcirNh0cFa0AfKqtQJjCogBKggone0L28B74FzyDYWf1IkKjcS6lfEfe-_Iq8BiNfDNH8oHSOmngB4zqIncKbWulNfXj97uhh5vcy-KknwnnFSMYH3RwH9dKZv7IeD70pY7Mykw0W4Pg58EO4ZsqTw4DNw9cOzDQWFdKQBr0ePB-bSsj7fdBlveyUfcG404Rb5qHhWwiWTo_eXNMr5LGEQp2CEjE5nrFiK5MYPyC7hqQzFoXdl73TMz2GeJRs5PmBMTLjrRMs8GMP98frVSMzfSBl-XddldFfjIhv8Dre8KBD1ri9dAFfkzuLx5mYBlZCxdxx7WRZUBdftrcb_OhBt2wxfahA9J2MVeCYrI1PNHSVzDQGDOpoMpG_LlfhlScj3FP89Sjqlg6A4B-s_oQzlsRg8wOOhrf-hwhLxQkTCi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame BD28 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041301&jk=3036698653969843&bg=!xMelx4PNAAZvJBiFTyQ7ACkAdvg8Wvz5Cm_yRZxO2YjqNDNiJfqtOb263FDGrm10zcfrABC7v6tuLQIAAAGfUgAAAANoAQcKAG41D-zf78ZNqOCWR9ZR12mho2zNCHcsBWH9JY2XQw2LCPOtxokeb6hORUPZj-9BLwjHaNYeKmaPWsb3Luu0cl5-lH5557TYJ0Z4WXXbvKd4fmYniVQOxdRR1Bi-7xj3CNgqr9jXBeEZsfOzERfjoJkCunaLvUd_-MJmGvS06EpApVUBHIIQTC2DUaKxETLvGrsn70d90K3XhS8JE4cRi2fPQ0SUkSquIn_2w17njEqWa-TWVFED2NSXUnTpaLDi79aZAjaA5fb49AtEWy7UzdC6vqJtjetwvv9h3L-lMiGSxJ452JF2TxNVRvsV_urelvJs5QSYr26nU3I1G6s0X7SvgfxyoUIP2S-yu0VEOsMXSA9yYCET1wUKpQFtwR0ET7x3vncK8gc0Y2Bp6BtsVLK-uk3DDKsE5kHq7kZo8E2hT2YgqPo6owtlHq8BPpZ3uANKJxwVHAGL1eDoSt2eVtCoDqDpNCCyTb3hYSlTF8zcpn_--gKPSKEwc_gfTD1obyyMJOB0ovameuCBUA2XZdc_JdZ1G6AlwX78AMw_M4yxb6bLqQj8JkXQx-AwNbChGBcfs3HiomzgQCsso7eTOAFMK9COp7IyPL20RU0okjfRLp2d0fVrsjcwfCXqCA5Q-V8hDEqX4dkVWoCirjKHSDJgIQ40hII8GplbeR8mfF7bR1LU8wzdyNTrwG2QEl6z8gEN1TCIo_qKQB-X30fR2bxQJgnFk2iMuYAIZC-MF4kM0Pup7zaldyJdFnIPrb_tK3FdTtyAEykZV37aZU_OqE7NFIbczNQeQ60e0eib4MNXTD_NETJgp_en5amS5FhU34HU8uZ_uXLcHZG7vAupMd6uiKbatgzUywW61_HnF7Z9cArs6Rvhj2GxWxvOfmQP-EgsXxDR15UxEP3CgONJnQTh8XhEKdpm0PbPtmWpYs69iO-w1lD-p6OOuFjHGAHkNYskI7MqDmpW0kohbXZNcR4DU8NGFxecc503mPdkAH0LZrSi644BOvvROrWvTr5-HGWxQ3wjMsaZPUztYu1oOmefmKfE-JCWHl9Qjrdxd3GaUiG0nCYylG53-9qT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
1469e520dcf6ed81503bbe34a5641e77_1000x600_e9db0a5b0028e58fd9239acfe6092ba7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_667%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_667%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/1469e520dcf6ed81503bbe34a5641e77_1000x600_e9db0a5b0028e58fd9239acfe6092ba7.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2a878e7c010b8ee048ad7f0734c6653e4463880550867f5263c7b3d203599635

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
81
date
Wed, 20 Apr 2022 02:07:07 GMT
via
1.1 varnish, 1.1 varnish
age
1788561
edge-cache-tag
525266826214705493589965950339225351747,348578241225846556782172506423095067688,29ecf9b93bbf306179626feeda1fab70
cache-tag
525266826214705493589965950339225351747,348578241225846556782172506423095067688,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
104
expiration
expiry-date="Sat, 16 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_667%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/1469e520dcf6ed81503bbe34a5641e77_1000x600_e9db0a5b0028e58fd9239acfe6092ba7.png
content-length
39322
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Wed, 16 Mar 2022 13:05:57 GMT
server
nginx
x-timer
S1650420427.058363,VS0,VE81
etag
"d8edf2c7a811932cf841cbd9103ae076"
x-served-by
cache-iad-kjyo7100041-IAD, cache-iad-kcgs7200110-IAD, cache-chi-kigq8000168-CHI, cache-iad-kcgs7200148-IAD, cache-cdg20773-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 0
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Apr 2022 02:07:07 GMT
Via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
X-Amz-Cf-Id
12lH81n04du9hFPg4QnfMWfS4qmNJ8P2pcoYRfi86LiHO3hL3eTrqA==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Apr 2022 02:07:07 GMT
Via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
X-Amz-Cf-Id
qSu6NN-pfnukifdgmzC3e7PMMNzr0Pjk_Y4JtnbEnmw0clYNAQsrkQ==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 9DEF 		40 B
571 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash
da7bfdacae66cbc83e6063d3ce4687b0edc0db87f562f114cbb43166fd61e4cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:07:07 GMT
Via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
40
X-Amz-Cf-Id
pgAQhZBJl8hJjwykgfQdaTWgJknBXO84xVdy2yvJp-3TZWQabPVuQA==
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 9DEF 		40 B
571 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash
3dedebaae73adc33be883fb7623603af1a1a070f571a0b1ffb015ae540fa0b82
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:07:07 GMT
Via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
40
X-Amz-Cf-Id
YpKK0qJKhOTubTYvy4pginURamVwd5NTRe0PuMnqyYiyyUN5gqu-kQ==
integrator.js
adservice.google.com/adsid/ Frame 9DEF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=player.svc.litv.tv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
rmax-ad
ssp.tenmax.io/supply/video/ Frame F5BD 		807 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.tenmax.io/supply/video/rmax-ad?rmaxSpaceId=c8ea10f92d7c4fdb&domain=litv.tv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_zh_tw.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
4d4547f166b8dc0663c3abcc41687ee0137a81cdc4d0bab9d807111198fffca7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:07:07 GMT
Server
nginx
Vary
Origin, Accept-Encoding, User-Agent
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=utf-8
Content-Length
807
X-Application-Context
application:prod,aggregator,build-ext:58070
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame E69F 		155 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1311151640559524
Requested by
Host: prod-m-node-3113.ssp.yahoo.com
URL: https://prod-m-node-3113.ssp.yahoo.com/admax/adServe.do?cTag=ad460388&dcn=8a9694f0017d7d25311527e135cf0046&pos=8a9699a8017d7d294f872b70cab1003d&secure=1&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/100.0.4896.75%20Safari/537.36&of=js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b334cd424e78bd1f804d6c9d828eb92fa8412a0767f823b0587814e41b54848
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ssp.hinet.net/
Origin
https://ssp.hinet.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54421
x-xss-protection
0
server
cafe
etag
11913285494121788225
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Apr 2022 02:07:07 GMT
talon-1.0.40.js
cdn.js7k.com/ix/ Frame E69F 		69 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/ix/talon-1.0.40.js
Requested by
Host: prod-m-node-3113.ssp.yahoo.com
URL: https://prod-m-node-3113.ssp.yahoo.com/admax/adServe.do?cTag=ad460388&dcn=8a9694f0017d7d25311527e135cf0046&pos=8a9699a8017d7d294f872b70cab1003d&secure=1&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/100.0.4896.75%20Safari/537.36&of=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 22:55:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11519
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
16540
x-amz-id-2
MNQWX24UWEa6ZlVuukx/piytXpXQHQ1hLzJ+BWUyujKYDrShen8cOW9XOfMKZ0BIrDunvtNsWzw=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 16:08:42 GMT
server
ATS
etag
"adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
DP1XNDPCZZ1T07GX
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
adEvent.do
prod-m-node-3113.ssp.yahoo.com/admax/ Frame E69F 		43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-3113.ssp.yahoo.com/admax/adEvent.do?tidi=770955515&dcn=8a9694f0017d7d25311527e135cf0046&posi=1605371&grp=%3F%3F%3F&nl=1650420427123&rts=1650420427049&pix=1&et=1&a=495e34eccc764c9ba65be97857d508b6&m=aXAtMTAtMjItMTE4LTIyNQ..&b=MTMxMDc7UHVibGlzaGVyIFBhc3NiYWNrIFNlYXQ7Pz8_Ozs7OzQ4Y2RlOGE0M2JiMzQyMmI5ZTgxNWMzZTI4MjliOTE3OzMwNTI2OTU1OzE2NTA0MTgyNDk7OzA7OzA7O3Bhc3NiYWNrLTEyNzcyOzsx&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxERVU.&af=7&dety=5
Requested by
Host: prod-m-node-3113.ssp.yahoo.com
URL: https://prod-m-node-3113.ssp.yahoo.com/admax/adServe.do?cTag=ad460388&dcn=8a9694f0017d7d25311527e135cf0046&pos=8a9699a8017d7d294f872b70cab1003d&secure=1&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/100.0.4896.75%20Safari/537.36&of=js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.21.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-21-97.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:07 GMT
last-modified
Tue, 19 Apr 2022 17:30:36 GMT
server
nginx/1.20.1
accept-ranges
bytes
content-length
43
content-type
image/gif
ads
pubads.g.doubleclick.net/gampad/ Frame F5BD 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F37275962%2Frmaxspace%2Fc8ea10f92d7c4fdb&description_url=litv.tv&env=vp&correlator=1120906131563955&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C854x480&cust_params=adx_region%3DTWN&unviewed_position_start=1&vpa=auto&vpmute=1&sdkv=h.3.510.1&osd=2&frm=2&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2130998149&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.510.1&sid=18DBA3E8-86C4-4C84-A366-8FCD4C6FF974&nel=0&eid=44725355%2C44738438%2C44750822%2C44752711%2C44758348%2C44761692&url=https%3A%2F%2Ftimes.hinet.net&ref=https%3A%2F%2Fwww.hinet.net%2F&dlt=1650420411323&idt=1964&dt=1650420426907&scor=4248362642961971&ged=ve4_td16_tt14_pd16_la16000_er0.0.0.0_vi0.0.168.300_vp0_ts1_eb16747
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_zh_tw.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/ Frame E69F 		304 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1311151640559524&plah=ssp.hinet.net&bust=31067164
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1311151640559524
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90664020ab32f5e09885c52287de79f1629492bdc5d3ba18614d95e226272dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111063
x-xss-protection
0
server
cafe
etag
17276535459412800058
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 20 Apr 2022 02:07:07 GMT
truncated
/ Frame E69F 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8a0b7f819baef4d12f735b0fe6857421fd973f7f2872247849ea64e55332898

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
cookie.js
partner.googleadservices.com/gampad/ Frame E69F 		213 B
227 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ssp.hinet.net&callback=_gfp_s_&client=ca-pub-1311151640559524&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1311151640559524&plah=ssp.hinet.net&bust=31067164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
7700e02a0a774656d7a71d792e961d719beb2f74e4bbfddf1b8d6b1e59da4242
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
200
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame E69F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ssp.hinet.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1311151640559524&plah=ssp.hinet.net&bust=31067164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E69F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ssp.hinet.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1311151640559524&plah=ssp.hinet.net&bust=31067164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7150 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&adk=1812271804&adf=2662694598&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Ftimes.hinet.net&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420426948&bpp=4&bdt=741&idt=100&shv=r20220413&mjsv=m202204180101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&nras=1&correlator=1795433715493&frm=8&ife=4&pv=2&ga_vid=1746851889.1650420409&ga_sid=1650420427&ga_hid=451399582&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1730313683&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067068%2C31067164%2C44761537%2C31061828%2C31067150%2C31066185&oid=2&pvsid=2023639261504748&pem=53&tmod=420444723&uas=0&nvt=1&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.qykj0xl5p6kf&fsb=1&dtd=137
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1311151640559524&plah=ssp.hinet.net&bust=31067164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ssp.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1F77 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=5905656858&adk=967909671&adf=876643155&pi=t.ma~as.5905656858&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Ftimes.hinet.net&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420426952&bpp=2&bdt=745&idt=145&shv=r20220413&mjsv=m202204180101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=1795433715493&frm=8&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420427&ga_hid=451399582&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1730313683&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067068%2C31067164%2C44761537%2C31061828%2C31067150%2C31066185&oid=2&pvsid=2023639261504748&pem=53&tmod=420444723&uas=0&nvt=1&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.eiiz9lbebpnp&fsb=1&dtd=159
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1311151640559524&plah=ssp.hinet.net&bust=31067164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57d78b9a23ff310375991479f6e530277a36963418d98aa90a0f2ac8aa14728f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ssp.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
11931
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Apr 2022 02:07:08 GMT
Via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
X-Amz-Cf-Id
qDw5Dg79t_dOOp34Lii1btbsRFVl0_jMDn9QjMB9xSKOnGM0fYPJVQ==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Apr 2022 02:07:07 GMT
Via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
X-Amz-Cf-Id
1JOsp20O93sbGD9yE6Uk087dwPyqtRx5_RAmGf4JseAuiVn-_R4J1w==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 9DEF 		40 B
571 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash
e8c611574208f5e5e1373e1e1c7c3bc03797ccde71a1636a3bfa8f0e4027f45c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:07:09 GMT
Via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
40
X-Amz-Cf-Id
B_3HiOlf5o8-WwcBgrG9RpBQ6PqWtev9ojXe1h3LE2PdL3vYcEtIWw==
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 9DEF 		40 B
571 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash
70b420618b8cfecbbfa96a67399da075c3654b1f5f20415be5a494680b67d7c9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:07:08 GMT
Via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
40
X-Amz-Cf-Id
_Junw5q33A2HGM0dbmwggvJqMVcNZSC5CKzGvVU5dxmqym80BX_IpQ==
integrator.js
adservice.google.com/adsid/ Frame 9DEF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=player.svc.litv.tv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
rmax-ad
ssp.tenmax.io/supply/video/ Frame F5BD 		807 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.tenmax.io/supply/video/rmax-ad?rmaxSpaceId=b286994e7b3d4618&domain=litv.tv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_zh_tw.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
0366a21703cd52258ec7e5de989232cafcd318889fbaf23a6893a32d754090fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:07:08 GMT
Server
nginx
Vary
Origin, Accept-Encoding, User-Agent
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=utf-8
Content-Length
807
X-Application-Context
application:prod,aggregator,build-ext:58070
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame 1F77 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=5905656858&adk=967909671&adf=876643155&pi=t.ma~as.5905656858&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Ftimes.hinet.net&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420426952&bpp=2&bdt=745&idt=145&shv=r20220413&mjsv=m202204180101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=1795433715493&frm=8&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420427&ga_hid=451399582&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1730313683&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067068%2C31067164%2C44761537%2C31061828%2C31067150%2C31066185&oid=2&pvsid=2023639261504748&pem=53&tmod=420444723&uas=0&nvt=1&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.eiiz9lbebpnp&fsb=1&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 15:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36771
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 May 2022 15:54:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1F77 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=5905656858&adk=967909671&adf=876643155&pi=t.ma~as.5905656858&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Ftimes.hinet.net&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420426952&bpp=2&bdt=745&idt=145&shv=r20220413&mjsv=m202204180101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=1795433715493&frm=8&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420427&ga_hid=451399582&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1730313683&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067068%2C31067164%2C44761537%2C31061828%2C31067150%2C31066185&oid=2&pvsid=2023639261504748&pem=53&tmod=420444723&uas=0&nvt=1&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.eiiz9lbebpnp&fsb=1&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650281421154365"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:07:08 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame 1F77 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=5905656858&adk=967909671&adf=876643155&pi=t.ma~as.5905656858&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Ftimes.hinet.net&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420426952&bpp=2&bdt=745&idt=145&shv=r20220413&mjsv=m202204180101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=1795433715493&frm=8&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420427&ga_hid=451399582&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1730313683&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067068%2C31067164%2C44761537%2C31061828%2C31067150%2C31066185&oid=2&pvsid=2023639261504748&pem=53&tmod=420444723&uas=0&nvt=1&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.eiiz9lbebpnp&fsb=1&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6421
x-xss-protection
0
server
cafe
etag
15269590465493672714
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 May 2022 02:04:58 GMT
l
www.google.com/ads/measurement/ Frame 1F77 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRR_WpoMJWYFdiBLL6JyCSws3xpOjWaoQdHlnf8zcmXNRmevPVyZlme1KcEcPqcf-81CPKuLn4VFsJqUvTl6FtuLCirdg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=5905656858&adk=967909671&adf=876643155&pi=t.ma~as.5905656858&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Ftimes.hinet.net&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420426952&bpp=2&bdt=745&idt=145&shv=r20220413&mjsv=m202204180101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=1795433715493&frm=8&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420427&ga_hid=451399582&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1730313683&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067068%2C31067164%2C44761537%2C31061828%2C31067150%2C31066185&oid=2&pvsid=2023639261504748&pem=53&tmod=420444723&uas=0&nvt=1&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.eiiz9lbebpnp&fsb=1&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame 1F77 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CYszMy2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLUBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXfz0nnXel92xv2mDj9_fn70v-5_-zoakx7mmqIGmQuHDYYQJreNPIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTMxMTE1MTY0MDU1OTUyNBgA&sigh=C29VYGG5F1g&uach_m=[UACH]&cid=CAQSOwCNIrLMgWTf6XLqwcTevpzeVLI77jWkExMbYlPNTk0tYh23XzaKWXklZFH-YpR77Nud4IQ-KA3hnDooGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=5905656858&adk=967909671&adf=876643155&pi=t.ma~as.5905656858&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Ftimes.hinet.net&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420426952&bpp=2&bdt=745&idt=145&shv=r20220413&mjsv=m202204180101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=1795433715493&frm=8&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420427&ga_hid=451399582&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1730313683&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067068%2C31067164%2C44761537%2C31061828%2C31067150%2C31066185&oid=2&pvsid=2023639261504748&pem=53&tmod=420444723&uas=0&nvt=1&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.eiiz9lbebpnp&fsb=1&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=5905656858&adk=967909671&adf=876643155&pi=t.ma~as.5905656858&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Ftimes.hinet.net&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420426952&bpp=2&bdt=745&idt=145&shv=r20220413&mjsv=m202204180101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=1795433715493&frm=8&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420427&ga_hid=451399582&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1730313683&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067068%2C31067164%2C44761537%2C31061828%2C31067150%2C31066185&oid=2&pvsid=2023639261504748&pem=53&tmod=420444723&uas=0&nvt=1&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.eiiz9lbebpnp&fsb=1&dtd=159
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 20 Apr 2022 02:07:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 1F77 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1j4p0hb2v5kzs3zsqh4gwebrxspebjgbre59rvs9ecg9sda0p0k3bd60nsf1r59txb8jyb6az724dt20d7kcgzhtypkk0qwbp478q8yhym01hsh1zk229nk8g93b4gtkmc4m9vgnkvexvr0yb55j5xwfp5mnbjx5ad93gjp0pewxmjfzy3g4x7j2a2kkc3n3kwx7b1y7znr5pwfsyt4cvd7ceeg78s0cz421r17cqsd57se4j4br1hb6p3je0xskg06h2078mgs4z0k6edsemevfgjn7qzjebvnm0kfrjadgyy02pw7ghjxnszzvk4gq4mb25zbq0gw7r5m805jmnjh8rgqhp2r6c29qmta5gtxvmetxf4wr5jbrw698q2ww6vk5gxez5edtj8bm43djfvjq1shbt&b=Yl9qywAMhNcIFUG7AAPHJ1lZ7C-vn5Q27QzyJA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=5905656858&adk=967909671&adf=876643155&pi=t.ma~as.5905656858&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Ftimes.hinet.net&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420426952&bpp=2&bdt=745&idt=145&shv=r20220413&mjsv=m202204180101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=1795433715493&frm=8&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420427&ga_hid=451399582&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1730313683&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067068%2C31067164%2C44761537%2C31061828%2C31067150%2C31066185&oid=2&pvsid=2023639261504748&pem=53&tmod=420444723&uas=0&nvt=1&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.eiiz9lbebpnp&fsb=1&dtd=159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 20 Apr 2022 02:07:08 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame A39C 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kckxjfszspkxc6n65phzz2ys47scgpyfj1pqpartt2d5atqjv4myjwakgy36z30v83smn4ns9kbre2t5mjva8j04jf5aq87fhsxbpf8aaakg2393qxdafz7pc2jfv0j4rekmvrk4b4mr7gchwzvd1zw7839thrfv79yzagk5mydbbwb2xe02nrbgxe9hcks91qp7x4cbdcybyn2q5zaxpz8373kdh74dfwj7wqv2418bsy08aa7qd4tatm36vq9cztekgm3aaq1k9npf2jewfdb7mwbbta6kad6e7kbymhhst6e3nd50s94dn4v3dcqed5fhcqpvgec2xnj5ppq30d383xh2wbxbdahx5a68vk5s1bvpnxzbvtpzx0j7x42fv2fa41k34xxx2vex5asda0vyywvafax82c4sfgfqgyxp80eh5k9r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%26client%3Dca-pub-1311151640559524%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=5905656858&adk=967909671&adf=876643155&pi=t.ma~as.5905656858&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Ftimes.hinet.net&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420426952&bpp=2&bdt=745&idt=145&shv=r20220413&mjsv=m202204180101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=1795433715493&frm=8&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420427&ga_hid=451399582&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1730313683&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067068%2C31067164%2C44761537%2C31061828%2C31067150%2C31066185&oid=2&pvsid=2023639261504748&pem=53&tmod=420444723&uas=0&nvt=1&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.eiiz9lbebpnp&fsb=1&dtd=159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81d26b359875c87f34c7a0f24dc6541c03e0f0f8e1936bc26a4833e3117d98c0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
6fea531beb8283a0-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:08 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4547 		1 KB
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=5905656858&adk=967909671&adf=876643155&pi=t.ma~as.5905656858&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Ftimes.hinet.net&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420426952&bpp=2&bdt=745&idt=145&shv=r20220413&mjsv=m202204180101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=1795433715493&frm=8&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420427&ga_hid=451399582&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1730313683&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067068%2C31067164%2C44761537%2C31061828%2C31067150%2C31066185&oid=2&pvsid=2023639261504748&pem=53&tmod=420444723&uas=0&nvt=1&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.eiiz9lbebpnp&fsb=1&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72804
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 05:53:44 GMT
etag
48472445140208031
expires
Wed, 20 Apr 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1F77 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4a6aeff16a111eb44e2e4028949d3ba465aae914a2fd24884de951d36f08603

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
466606.gif
id.rlcdn.com/ Frame 4547 		42 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKyTvosyWNXU5nADkhnB2gPesF3Z7FdjiOTmYRUL2B4EYpx241pQvrrkBCKoofEnrD-CoPZ1LlC486u5IkTN0uIHLWV3HVw&google_gid=CAESELULovubTG-T5E-2mxtWiak&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=5905656858&adk=967909671&adf=876643155&pi=t.ma~as.5905656858&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Ftimes.hinet.net&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420426952&bpp=2&bdt=745&idt=145&shv=r20220413&mjsv=m202204180101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=1795433715493&frm=8&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420427&ga_hid=451399582&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1730313683&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067068%2C31067164%2C44761537%2C31061828%2C31067150%2C31066185&oid=2&pvsid=2023639261504748&pem=53&tmod=420444723&uas=0&nvt=1&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.eiiz9lbebpnp&fsb=1&dtd=159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:08 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
sync
odr.mookie1.com/t/v2/ Frame 4547 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESELVbukf_nI2ic8dJVBW_qyY&google_push=AYg5qPKup5ZGNMIYWvNUuS6_GwJvYPNFop0OwZwlO8q0ntfaCvzIHtoy0zfw2tts69xOaAK3i6UrniS2B3Lh8m03Egx2CKodnOUn&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=5905656858&adk=967909671&adf=876643155&pi=t.ma~as.5905656858&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Ftimes.hinet.net&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420426952&bpp=2&bdt=745&idt=145&shv=r20220413&mjsv=m202204180101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=1795433715493&frm=8&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420427&ga_hid=451399582&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1730313683&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067068%2C31067164%2C44761537%2C31061828%2C31067150%2C31066185&oid=2&pvsid=2023639261504748&pem=53&tmod=420444723&uas=0&nvt=1&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.eiiz9lbebpnp&fsb=1&dtd=159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:08 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 4547 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEA7vUIiKNt6hPdnhvlWHkZE&google_cver=1&google_push=AYg5qPKVaIbz1Rtdfz5YGekaExjfX5exw0lF6csaVJxAw44xbihZBa3sYOeK-9ep8y28tr6mRWuor3CpmwkrtdnBaVTuUoDZoM4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=5905656858&adk=967909671&adf=876643155&pi=t.ma~as.5905656858&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Ftimes.hinet.net&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420426952&bpp=2&bdt=745&idt=145&shv=r20220413&mjsv=m202204180101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=1795433715493&frm=8&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420427&ga_hid=451399582&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1730313683&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067068%2C31067164%2C44761537%2C31061828%2C31067150%2C31066185&oid=2&pvsid=2023639261504748&pem=53&tmod=420444723&uas=0&nvt=1&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.eiiz9lbebpnp&fsb=1&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:08 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
7sspde3p1k2e2bpl7k5abisqjc34e9vn
pixel
cm.g.doubleclick.net/ Frame 4547
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IoyaC54qQz6mybnIeIjyzQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IoyaC54qQz6mybnIeIjyzQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKHGLwpA3Nx5DI4wHN8o1Ds_Yy1DYVInk1Xi2WxrqnCpzko9RHl3Dx3neFh0GBxMvx9o18FCLCxqTVDMktweHtRChvFRGtA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=5905656858&adk=967909671&adf=876643155&pi=t.ma~as.5905656858&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Ftimes.hinet.net&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420426952&bpp=2&bdt=745&idt=145&shv=r20220413&mjsv=m202204180101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=1795433715493&frm=8&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420427&ga_hid=451399582&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1730313683&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067068%2C31067164%2C44761537%2C31061828%2C31067150%2C31066185&oid=2&pvsid=2023639261504748&pem=53&tmod=420444723&uas=0&nvt=1&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.eiiz9lbebpnp&fsb=1&dtd=159
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IoyaC54qQz6mybnIeIjyzQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKHGLwpA3Nx5DI4wHN8o1Ds_Yy1DYVInk1Xi2WxrqnCpzko9RHl3Dx3neFh0GBxMvx9o18FCLCxqTVDMktweHtRChvFRGtA
date
Wed, 20 Apr 2022 02:07:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 4547
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&google_gid=CAESEKNqyZwWUM33eFnGlhHyw4Y&google_cver=1&google_push=AYg5qPLypFV3xfpfj6ML6lwd2GL1-sUYLa23nEBws93wqnixCbTuQHTRK21Cksvyb5BAHYW2uEUCoQV...
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=5905656858&adk=967909671&adf=876643155&pi=t.ma~as.5905656858&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Ftimes.hinet.net&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420426952&bpp=2&bdt=745&idt=145&shv=r20220413&mjsv=m202204180101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=1795433715493&frm=8&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420427&ga_hid=451399582&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1730313683&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067068%2C31067164%2C44761537%2C31061828%2C31067150%2C31066185&oid=2&pvsid=2023639261504748&pem=53&tmod=420444723&uas=0&nvt=1&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.eiiz9lbebpnp&fsb=1&dtd=159
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cma
dsum-sec.casalemedia.com/ Frame 4547 		43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/cma?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_10}&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJyrz9BRRt7uS6Q4zOMDJ_gsE2KZyRstPpzBr_-SDRC2kYEBr-lKOB9ZEdzg30BTleiK1WsnP_I1DM9_Ok6EIj_yndqt2Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=5905656858&adk=967909671&adf=876643155&pi=t.ma~as.5905656858&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Ftimes.hinet.net&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420426952&bpp=2&bdt=745&idt=145&shv=r20220413&mjsv=m202204180101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=1795433715493&frm=8&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420427&ga_hid=451399582&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1730313683&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067068%2C31067164%2C44761537%2C31061828%2C31067150%2C31066185&oid=2&pvsid=2023639261504748&pem=53&tmod=420444723&uas=0&nvt=1&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.eiiz9lbebpnp&fsb=1&dtd=159
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 02:07:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 20 Apr 2022 02:07:08 GMT
googleredir
googlecm.hit.gemius.pl/ Frame 4547 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 4547 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I06q2IDgETjTqhOO6vqkuAjg0oYJYzBGf-T1PoCgBQFU2QVQZrH_uSAjDjc0jHgSTa8bV5KA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=5905656858&adk=967909671&adf=876643155&pi=t.ma~as.5905656858&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Ftimes.hinet.net&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650420426952&bpp=2&bdt=745&idt=145&shv=r20220413&mjsv=m202204180101&ptt=9&saldr=aa&cookie=ID%3D7aeb9a1e9fafdbfd%3AT%3D1650420409%3AS%3DALNI_MY4nsoSgtIttgD3_qwQatIYkQLgug&prev_fmts=0x0&nras=1&correlator=1795433715493&frm=8&ife=4&pv=1&ga_vid=1746851889.1650420409&ga_sid=1650420427&ga_hid=451399582&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1730313683&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067068%2C31067164%2C44761537%2C31061828%2C31067150%2C31066185&oid=2&pvsid=2023639261504748&pem=53&tmod=420444723&uas=0&nvt=1&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.eiiz9lbebpnp&fsb=1&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:08 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
ads
pubads.g.doubleclick.net/gampad/ Frame F5BD 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F37275962%2Frmaxspace%2Fb286994e7b3d4618&description_url=litv.tv&env=vp&correlator=317703414847907&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C854x480&cust_params=adx_region%3DTWN&unviewed_position_start=1&vpa=auto&vpmute=1&sdkv=h.3.510.1&osd=2&frm=2&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2130998149&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.510.1&sid=18DBA3E8-86C4-4C84-A366-8FCD4C6FF974&nel=0&eid=44725355%2C44738438%2C44750822%2C44752711%2C44758348%2C44761692&url=https%3A%2F%2Ftimes.hinet.net&ref=https%3A%2F%2Fwww.hinet.net%2F&dlt=1650420411323&idt=1964&dt=1650420427610&scor=60616543525648&ged=ve4_td17_tt15_pd17_la17000_er0.0.0.0_vi0.0.168.300_vp0_ts1_eb16747
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_zh_tw.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame A39C 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kckxjfszspkxc6n65phzz2ys47scgpyfj1pqpartt2d5atqjv4myjwakgy36z30v83smn4ns9kbre2t5mjva8j04jf5aq87fhsxbpf8aaakg2393qxdafz7pc2jfv0j4rekmvrk4b4mr7gchwzvd1zw7839thrfv79yzagk5mydbbwb2xe02nrbgxe9hcks91qp7x4cbdcybyn2q5zaxpz8373kdh74dfwj7wqv2418bsy08aa7qd4tatm36vq9cztekgm3aaq1k9npf2jewfdb7mwbbta6kad6e7kbymhhst6e3nd50s94dn4v3dcqed5fhcqpvgec2xnj5ppq30d383xh2wbxbdahx5a68vk5s1bvpnxzbvtpzx0j7x42fv2fa41k34xxx2vex5asda0vyywvafax82c4sfgfqgyxp80eh5k9r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%26client%3Dca-pub-1311151640559524%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kckxjfszspkxc6n65phzz2ys47scgpyfj1pqpartt2d5atqjv4myjwakgy36z30v83smn4ns9kbre2t5mjva8j04jf5aq87fhsxbpf8aaakg2393qxdafz7pc2jfv0j4rekmvrk4b4mr7gchwzvd1zw7839thrfv79yzagk5mydbbwb2xe02nrbgxe9hcks91qp7x4cbdcybyn2q5zaxpz8373kdh74dfwj7wqv2418bsy08aa7qd4tatm36vq9cztekgm3aaq1k9npf2jewfdb7mwbbta6kad6e7kbymhhst6e3nd50s94dn4v3dcqed5fhcqpvgec2xnj5ppq30d383xh2wbxbdahx5a68vk5s1bvpnxzbvtpzx0j7x42fv2fa41k34xxx2vex5asda0vyywvafax82c4sfgfqgyxp80eh5k9r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%26client%3Dca-pub-1311151640559524%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:08 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1158117
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Wed, 06 Apr 2022 16:25:11 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6fea531e780959ef-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame A39C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kckxjfszspkxc6n65phzz2ys47scgpyfj1pqpartt2d5atqjv4myjwakgy36z30v83smn4ns9kbre2t5mjva8j04jf5aq87fhsxbpf8aaakg2393qxdafz7pc2jfv0j4rekmvrk4b4mr7gchwzvd1zw7839thrfv79yzagk5mydbbwb2xe02nrbgxe9hcks91qp7x4cbdcybyn2q5zaxpz8373kdh74dfwj7wqv2418bsy08aa7qd4tatm36vq9cztekgm3aaq1k9npf2jewfdb7mwbbta6kad6e7kbymhhst6e3nd50s94dn4v3dcqed5fhcqpvgec2xnj5ppq30d383xh2wbxbdahx5a68vk5s1bvpnxzbvtpzx0j7x42fv2fa41k34xxx2vex5asda0vyywvafax82c4sfgfqgyxp80eh5k9r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%26client%3Dca-pub-1311151640559524%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfcdd352bb06fcc5c0e6f3f9b96e0c9a7d42f99b94473534d5131dcb4a104ec9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=RQuziQ==, md5=aEKpUkwBcgJ5WaD3yT+HcA==
date
Wed, 20 Apr 2022 02:07:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
51332
x-guploader-uploadid
ADPycdsjbbGwoClAviClI_b-RVGsj419bRsgc2aQTBcPeuotIInjk03xCTJ5ZFya9lTCf2IXRkywzizAjOFu7NjVd8qPMQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 05 Apr 2022 11:51:07 GMT
server
cloudflare
etag
W/"6842a9524c0172027959a0f7c93f8770"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBwbWJ0sf3cWiCM4dKFvay9PiQpqCl553RPLcsqbooVP6jnXwLYgrZV1PXFqKUxt7uKRxb54Tq%2FX20hAeeDpxJx36k3GA%2BlphfY%2BAA%2F54IlwJaJ0xQDsIyJ5bDuNZrX1p30knNg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1649159467260020
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11886
cf-ray
6fea531e6ea183a0-MXP
expires
Tue, 19 Apr 2022 11:51:36 GMT
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 9DEF 		40 B
571 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash
524d52ec2655ed292ba2fa5e467ad74afb001d1615a5b439c250957215206de8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:07:10 GMT
Via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
40
X-Amz-Cf-Id
4KctU3XH3b6U6R3PgWGlmQLvqZgXkETEcs_A1A6ItsbUOdPvIPy8nw==
truncated
/ Frame 9DEF 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e222adace575902a83a50c0a263cd2501c661729ac3134b2c1d6f7a7fba310fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Apr 2022 02:07:09 GMT
Via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
X-Amz-Cf-Id
1TiT8IPTpPjTisJBgdDOY2vMPMZMP_4jccYkb8tG-CKMF0GVM55NuA==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Apr 2022 02:07:09 GMT
Via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
8V8DQY1XSjRuvg280wX54ZSjqK3fEghovTp_N3rOXwieAA8yVeCy4A==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 9DEF 		363 B
862 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-105.fra56.r.cloudfront.net
Software
/
Resource Hash
90376fe788cc5c4262dae5282e87530ac4c714683b2a6dafc0980cbd89126c04

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 20 Apr 2022 02:07:09 GMT
Via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
363
X-Amz-Cf-Id
vROxS7ffgHyf1nOPBZQVOc_HH3s0aHrK3X0kUq7fWZOclhu0i3hm4w==
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A39C 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Wed, 20 Apr 2022 02:07:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
27178029
x-guploader-uploadid
ABg5-UxSjUjrRZn0Qh0o7bl53fEaHcVGOMgniw-BD1hW-i7497grr2ADHPnjcztxMTwRF-eAuQva7DgEToW9nRlk5Ok
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5cFvN36kIF20c7hy2XNU8z7W4DdmzoZ5QQSgCEx6ED49GWtzRagqS8toLn%2F6%2BOMBcgmWUIbp88248Ui%2F4ClZMrfVUiH%2Fi4LKmUS1t8uxfHfXKWIHfDeDm5w%2B6XxrwLf%2B4nPx06kbLgljnW%2BvipmyW9W"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6fea531f6cfff917-MXP
expires
Thu, 09 Jun 2022 12:39:07 GMT
frame.html
ad4m.at/ Frame 1679 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1209639
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
6fea531f08c059ef-MXP
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 20 Apr 2022 02:07:08 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 20 Apr 2022 03:07:08 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTZTW%2FLoC2cgX3eJUxmFPXTBnQyy0906JR%2FwqkBL0gIslf6hra1AzkhQ8FXgrE3u%2BjMhvcwuMEAjSz%2FC%2FdI%2FvplL7K3i3b%2BUAbuGE7KngQ4%2F4UZeqLNxWgQZ9Cs8Jf0w2LvViHk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-generation
1588777770164783
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration
3
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-guploader-uploadid
ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6fea531f9ac55a3d-MXP
content-length
24
content-type
text/plain
date
Wed, 20 Apr 2022 02:07:08 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDByTrXYB6v2OXPmXc21SBDXUjNUbm27HpBu2MiwQVDPhMmsqycMiQgRL0iJgUlaRy%2Bx8YgdLJISuRoumuYiM2JIuIlSHVp%2BgMmqTztvFKt%2Fr1sinWfTi5udyuq8ED%2Fpsx2a948%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-4w5m
rs
ad4m.at/ Frame A39C 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57b9ffddaca412f29c9d6ea278d99792ded8d7fe8a338a9de315f9798ca5b954

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6fea531feb0d5a3d-MXP
date
Wed, 20 Apr 2022 02:07:08 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOoDQB6ACUjcj0mJCVVSgcHQMCPh%2Fy6AhONWtcyu1qbezy4Z5jWpO2oT5LzARVNIAYNpwp96aa69gL%2FhRp27K8GUV3Y8LyrLPfnYWP8HJy2ZU9SuMYvOO7Um97uKtr4CNykbuN8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-4w5m
view
securepubads.g.doubleclick.net/pcs/ Frame E69F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKFjmojz8jiWuNRJOSp-Jr70v3O2aibXP-zDQUS5-1Rj629wZWSyGN7aqdfjz3VHyg4H4Az3O32-LpLMC_H6lfJpQ4XCUTewHAZl8I3KAbmS3aEC03WNEhEiLSYbyslsrSGCSnG0LbREubgJlIUogVla4mg4Y2ZxWF4Hph2WamHvsD2AYSgoHuZR3hYk21xLthwdaqUwNtZxQXCyMcBDzUstdi4roXPfu0DFxDWjOJMMyi6Z-Pg3ADljhYpqp0kqwT3fqZ_hL_7TL6wANaPgOFnkU2vj7jB3QISNzgzZ1TtCQg6f6ZvNPk24sJY0rt8unTDBRS&sig=Cg0ArKJSzP-zslvu7_LxEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 20 Apr 2022 02:07:08 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E69F 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220413&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1311151640559524&plah=ssp.hinet.net&bust=31067164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ec6a1b01506113ebf3b2f0e3a294c7c3dad49dac98ad9263d2311a72b0ddc78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10517
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7E10 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6917bf576e81a442917764b17f989131d74030c60e62f63bca81851538b426c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 02:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10588
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E69F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1311151640559524&plah=ssp.hinet.net&bust=31067164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:07:08 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7E10 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 02:07:08 GMT
rar
as.ad4m.at/ad/ Frame 28A0 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=23576%2C24673%2C161594&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg&c=300&d=250&e=kNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2&g=75e2e0e12ed8e06c79e0281a6d9eb004%2F12491391463658526478&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650420428807&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzttetbp0s3bamsjjwd8amq90ket490m9qey1vznv5d48hmdtgzq7sxj8kzshy61mante2dzsv1nhr88yhwz98jt8k7nk7720agc3dxzqhf8j85ybc0437r07a5xka25xass6sq0c5hrqc2bsd7s74gvnmp631y723wesjvdf1dvjw92a4jmc43zvp3vnfmwfywdhjk61r6e8amcrxbjzh6acfnhsg4p2mhh3yr9ymc7nvvga27n3k2zb301yg5rghyret9rveeesh5dapg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%2526client%253Dca-pub-1311151640559524%2526adurl%253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6132ffa2799ce6e554be2ab3d675633bb76eae6ac93a5adac455def3b9340bc6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kckxjfszspkxc6n65phzz2ys47scgpyfj1pqpartt2d5atqjv4myjwakgy36z30v83smn4ns9kbre2t5mjva8j04jf5aq87fhsxbpf8aaakg2393qxdafz7pc2jfv0j4rekmvrk4b4mr7gchwzvd1zw7839thrfv79yzagk5mydbbwb2xe02nrbgxe9hcks91qp7x4cbdcybyn2q5zaxpz8373kdh74dfwj7wqv2418bsy08aa7qd4tatm36vq9cztekgm3aaq1k9npf2jewfdb7mwbbta6kad6e7kbymhhst6e3nd50s94dn4v3dcqed5fhcqpvgec2xnj5ppq30d383xh2wbxbdahx5a68vk5s1bvpnxzbvtpzx0j7x42fv2fa41k34xxx2vex5asda0vyywvafax82c4sfgfqgyxp80eh5k9r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%26client%3Dca-pub-1311151640559524%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
6fea53207aba59ef-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:08 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 117C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ssp.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
16012
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 21:40:16 GMT
expires
Wed, 19 Apr 2023 21:40:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1615 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
29e07993c302ea7830adb7086147f5d7476968158d2ca9e1d1a0fd336a5f02b8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Hv0yHDTZZYhElJkiRlTonQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssp.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-Hv0yHDTZZYhElJkiRlTonQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:08 GMT
expires
Wed, 20 Apr 2022 02:07:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5E2F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ssp.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
16012
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 21:40:16 GMT
expires
Wed, 19 Apr 2023 21:40:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 161D 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0f97bafe5e927c4be851183087aed6b3250a64eab3499a76b7519d7137d18c56
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WKIVo4iiAFahfitObVxKJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssp.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-WKIVo4iiAFahfitObVxKJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 02:07:08 GMT
expires
Wed, 20 Apr 2022 02:07:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 28A0 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C161594&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg&c=300&d=250&e=kNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2&g=75e2e0e12ed8e06c79e0281a6d9eb004%2F12491391463658526478&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650420428807&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzttetbp0s3bamsjjwd8amq90ket490m9qey1vznv5d48hmdtgzq7sxj8kzshy61mante2dzsv1nhr88yhwz98jt8k7nk7720agc3dxzqhf8j85ybc0437r07a5xka25xass6sq0c5hrqc2bsd7s74gvnmp631y723wesjvdf1dvjw92a4jmc43zvp3vnfmwfywdhjk61r6e8amcrxbjzh6acfnhsg4p2mhh3yr9ymc7nvvga27n3k2zb301yg5rghyret9rveeesh5dapg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%2526client%253Dca-pub-1311151640559524%2526adurl%253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=23576%2C24673%2C161594&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg&c=300&d=250&e=kNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2&g=75e2e0e12ed8e06c79e0281a6d9eb004%2F12491391463658526478&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650420428807&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzttetbp0s3bamsjjwd8amq90ket490m9qey1vznv5d48hmdtgzq7sxj8kzshy61mante2dzsv1nhr88yhwz98jt8k7nk7720agc3dxzqhf8j85ybc0437r07a5xka25xass6sq0c5hrqc2bsd7s74gvnmp631y723wesjvdf1dvjw92a4jmc43zvp3vnfmwfywdhjk61r6e8amcrxbjzh6acfnhsg4p2mhh3yr9ymc7nvvga27n3k2zb301yg5rghyret9rveeesh5dapg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%2526client%253Dca-pub-1311151640559524%2526adurl%253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:09 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1158118
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Wed, 06 Apr 2022 16:25:11 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6fea53213b8559ef-MXP
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 28A0 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C161594&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg&c=300&d=250&e=kNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2&g=75e2e0e12ed8e06c79e0281a6d9eb004%2F12491391463658526478&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650420428807&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzttetbp0s3bamsjjwd8amq90ket490m9qey1vznv5d48hmdtgzq7sxj8kzshy61mante2dzsv1nhr88yhwz98jt8k7nk7720agc3dxzqhf8j85ybc0437r07a5xka25xass6sq0c5hrqc2bsd7s74gvnmp631y723wesjvdf1dvjw92a4jmc43zvp3vnfmwfywdhjk61r6e8amcrxbjzh6acfnhsg4p2mhh3yr9ymc7nvvga27n3k2zb301yg5rghyret9rveeesh5dapg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%2526client%253Dca-pub-1311151640559524%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Wed, 20 Apr 2022 02:07:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
505788
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdtEN5BLso_pYq9sWvdXvo3kNoMcEnVBWSjkx4P4RyMSkNOYbidAswbSjObgZTW-DoAkzw-0BYkT95l4-MgF5CUlvzdhSToN
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXmdpMsQNwywU6HYhXeztfoRsAFX4erSolrZh1xXzfzQgZ3wIXpnyqUv2MWBTKkPH2gCeJqeo6mWNu1NzA1PNjKcgwxZ80nL%2B5gRtnAlECrypuNa%2BDOxlR6LoGh6gOR%2FUWRI9M7aYkmeSsxm"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Thu, 21 Apr 2022 02:07:09 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6fea53214a3983a0-MXP
cf-bgj
imgq:85,h2pri
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 28A0 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C161594&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg&c=300&d=250&e=kNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2&g=75e2e0e12ed8e06c79e0281a6d9eb004%2F12491391463658526478&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650420428807&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzttetbp0s3bamsjjwd8amq90ket490m9qey1vznv5d48hmdtgzq7sxj8kzshy61mante2dzsv1nhr88yhwz98jt8k7nk7720agc3dxzqhf8j85ybc0437r07a5xka25xass6sq0c5hrqc2bsd7s74gvnmp631y723wesjvdf1dvjw92a4jmc43zvp3vnfmwfywdhjk61r6e8amcrxbjzh6acfnhsg4p2mhh3yr9ymc7nvvga27n3k2zb301yg5rghyret9rveeesh5dapg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%2526client%253Dca-pub-1311151640559524%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=I4uEDQ==, md5=w0ixd5U6xXIINsBOGiFnPQ==
date
Wed, 20 Apr 2022 02:07:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
529452
cf-polished
qual=85, origFmt=jpeg, origSize=132437
x-guploader-uploadid
ADPycds62x1E-io21q1rdQIuHZ2XxzXmealv8cHk4DA0-_aJZC-thlytvvWnTWsZaXvPMZl5noaEzS5wM3wvlbDWC2VSosy_sLkL
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23154
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZlo8HySX0zRtUnYeEwdb3YsaYgRZKjO3D7iJNz4kRugIzb77oiyj5tsnulSxz%2FV4raUi6uWnnt9dXxN1adwSWcim%2F4nyuDOMVADSPQc1JugQ4xdp12v%2FBRBNU3N%2FH1oNNDCaHZa9V6EMihQ"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1639072283176296
content-type
image/webp
expires
Thu, 21 Apr 2022 02:07:09 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
132437
accept-ranges
bytes
cf-ray
6fea53214a5383a0-MXP
cf-bgj
imgq:85,h2pri
/
partner.o2online.de/a/ Frame 28A0
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush&gd...
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_c...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022042004070967343752997X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkNSzJmw...
49 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022042004070967343752997X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush&spid=2022042004070967343752997X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C161594&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg&c=300&d=250&e=kNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2&g=75e2e0e12ed8e06c79e0281a6d9eb004%2F12491391463658526478&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650420428807&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzttetbp0s3bamsjjwd8amq90ket490m9qey1vznv5d48hmdtgzq7sxj8kzshy61mante2dzsv1nhr88yhwz98jt8k7nk7720agc3dxzqhf8j85ybc0437r07a5xka25xass6sq0c5hrqc2bsd7s74gvnmp631y723wesjvdf1dvjw92a4jmc43zvp3vnfmwfywdhjk61r6e8amcrxbjzh6acfnhsg4p2mhh3yr9ymc7nvvga27n3k2zb301yg5rghyret9rveeesh5dapg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%2526client%253Dca-pub-1311151640559524%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Server
78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads1.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:07:09 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022042004070967343752997X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush&spid=2022042004070967343752997X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211
date
Wed, 20 Apr 2022 02:07:09 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 28A0 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C161594&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg&c=300&d=250&e=kNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2&g=75e2e0e12ed8e06c79e0281a6d9eb004%2F12491391463658526478&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650420428807&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzttetbp0s3bamsjjwd8amq90ket490m9qey1vznv5d48hmdtgzq7sxj8kzshy61mante2dzsv1nhr88yhwz98jt8k7nk7720agc3dxzqhf8j85ybc0437r07a5xka25xass6sq0c5hrqc2bsd7s74gvnmp631y723wesjvdf1dvjw92a4jmc43zvp3vnfmwfywdhjk61r6e8amcrxbjzh6acfnhsg4p2mhh3yr9ymc7nvvga27n3k2zb301yg5rghyret9rveeesh5dapg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%2526client%253Dca-pub-1311151640559524%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Wed, 20 Apr 2022 02:07:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
508717
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ADPycdvC2InmMh-zrAR50ZZj4GRb4PITbs3t0e--z8vzdk_8NM4gnF__p5aencKUwD_dZ926qCAcK4U8oxQMKBAAr6ZtqgXO--3m
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sof%2BhpNm%2BqLO4XwdYD9zyMBwrqrNf5aTh8HM709n4GHZ4K%2Fp1YKT%2Bqm3JWyHfvTmkeFK85oPG6U09u1ifC%2FR%2BnNSsEjP4DVWDz5FMqoX1DIvO%2FZPddF8f4hqzKzNzf21LT1PlYKUhlrX5%2F96"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Thu, 21 Apr 2022 02:07:09 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
6fea53214a5783a0-MXP
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 28A0 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C161594&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg&c=300&d=250&e=kNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2&g=75e2e0e12ed8e06c79e0281a6d9eb004%2F12491391463658526478&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650420428807&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzttetbp0s3bamsjjwd8amq90ket490m9qey1vznv5d48hmdtgzq7sxj8kzshy61mante2dzsv1nhr88yhwz98jt8k7nk7720agc3dxzqhf8j85ybc0437r07a5xka25xass6sq0c5hrqc2bsd7s74gvnmp631y723wesjvdf1dvjw92a4jmc43zvp3vnfmwfywdhjk61r6e8amcrxbjzh6acfnhsg4p2mhh3yr9ymc7nvvga27n3k2zb301yg5rghyret9rveeesh5dapg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%2526client%253Dca-pub-1311151640559524%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Wed, 20 Apr 2022 02:07:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2452650
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ADPycdsptdp2JHMudyhma4_tRan-1sTXAWuZeU75iOPGSiSi3VWFAgWEo44SxaKV6Y1BqyBrraPCApnQwJCEnDNAE14
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BgOSoLgvFPDS%2F%2FE0G8m%2Bjui1aVWOBygXACEIxsAJmUp89CoEd7ADCNQyS6X1WzIyhEIQgLWvhup%2Fi9WrVeX6DxaTlXbVTqxrlnl5oECVfTGbB1W%2B74LJj%2BbpvvjyC0dbUouZ46nUQzFyx8Lm"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Thu, 21 Apr 2022 02:07:09 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
6fea53215a5883a0-MXP
cf-bgj
imgq:85,h2pri
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 28A0 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C161594&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg&c=300&d=250&e=kNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2&g=75e2e0e12ed8e06c79e0281a6d9eb004%2F12491391463658526478&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650420428807&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzttetbp0s3bamsjjwd8amq90ket490m9qey1vznv5d48hmdtgzq7sxj8kzshy61mante2dzsv1nhr88yhwz98jt8k7nk7720agc3dxzqhf8j85ybc0437r07a5xka25xass6sq0c5hrqc2bsd7s74gvnmp631y723wesjvdf1dvjw92a4jmc43zvp3vnfmwfywdhjk61r6e8amcrxbjzh6acfnhsg4p2mhh3yr9ymc7nvvga27n3k2zb301yg5rghyret9rveeesh5dapg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%2526client%253Dca-pub-1311151640559524%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Wed, 20 Apr 2022 02:07:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1024464
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdvB00WKgx745cHqkaEv9SP2O4qOtgzTIss7hz8UjeJ5YHr-cN1aZvdY2p2ANOf3K9-3w-Gx1jlYdqTxEli2DqCgNf8OFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUPImyfwey%2BqfCcEgnpEEaxtADc49l8xlKL9DvFHhCoVvB3PeSEVUblCpVHGtsnYb2XiiXARcQB%2BZGIpTLGZTJWJ0LjYTqtNenK78%2Bzx1iiBtXcxOv%2BXEUAxsw4JZKWsTvbPLNxd4Wev7P8d"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Thu, 21 Apr 2022 02:07:09 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6fea53215a5983a0-MXP
cf-bgj
imgq:85,h2pri
109EE3CB1BE1B04C85A5224FE47F7D1E6FD7C4CC910F5788D57230F6604B337EE8DFD5BDB0744F893DBC4BBF672B71FDD0A7B81C19E57D2AE8FA59F3BBFD7681
assets.ad4m.at/product_image/ Frame 28A0 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/109EE3CB1BE1B04C85A5224FE47F7D1E6FD7C4CC910F5788D57230F6604B337EE8DFD5BDB0744F893DBC4BBF672B71FDD0A7B81C19E57D2AE8FA59F3BBFD7681
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C161594&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg&c=300&d=250&e=kNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2&g=75e2e0e12ed8e06c79e0281a6d9eb004%2F12491391463658526478&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650420428807&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzttetbp0s3bamsjjwd8amq90ket490m9qey1vznv5d48hmdtgzq7sxj8kzshy61mante2dzsv1nhr88yhwz98jt8k7nk7720agc3dxzqhf8j85ybc0437r07a5xka25xass6sq0c5hrqc2bsd7s74gvnmp631y723wesjvdf1dvjw92a4jmc43zvp3vnfmwfywdhjk61r6e8amcrxbjzh6acfnhsg4p2mhh3yr9ymc7nvvga27n3k2zb301yg5rghyret9rveeesh5dapg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%2526client%253Dca-pub-1311151640559524%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4369fd4035cfcdb0909dfe5bd140d66231b1f4c6fab17c2b802a4edbf54449

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=HwscaQ==, md5=QEKMkuOfQyYKQIg2TmID3Q==
date
Wed, 20 Apr 2022 02:07:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
508063
cf-polished
qual=85, origFmt=jpeg, origSize=109711
x-guploader-uploadid
ADPycdv-EEwoIVzu6V5Q1rzX0jeDKUH0q21fPJvV5bpv8StZ6Zu1qtHvN9pD8KPvrWsIxB-c3fJOWdfLVB-_vVcK6ChAEJz9KUDL
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20822
last-modified
Thu, 21 Oct 2021 08:32:12 GMT
server
cloudflare
etag
"40428c92e39f43260a4088364e6203dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fr%2BQTWD2AlW%2FkQoEcTSKpOb1hLvWRCUCboxHlgbpNC4KftKPrx5gVELRhzOWXtTF61XcGJf2UPpzTPN28xxGFKbRxARafW0pLvpjILVI7Voi6ZuM4O742MXIcH0EolL9Zhhq3FWI2JSfpWfE"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634805132458381
content-type
image/webp
expires
Thu, 21 Apr 2022 02:07:09 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
109711
accept-ranges
bytes
cf-ray
6fea53215a5a83a0-MXP
cf-bgj
imgq:85,h2pri
/
partner.blau.de/a/ Frame 28A0
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhVoneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush&g...
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhVoneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022042004070967343752993X117663V1225131106MSoneidQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhVoneid__asuidkNSzJmwG...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022042004070967343752993X117663V1225131106MSoneidQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhVoneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C161594&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg&c=300&d=250&e=kNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2&g=75e2e0e12ed8e06c79e0281a6d9eb004%2F12491391463658526478&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650420428807&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzttetbp0s3bamsjjwd8amq90ket490m9qey1vznv5d48hmdtgzq7sxj8kzshy61mante2dzsv1nhr88yhwz98jt8k7nk7720agc3dxzqhf8j85ybc0437r07a5xka25xass6sq0c5hrqc2bsd7s74gvnmp631y723wesjvdf1dvjw92a4jmc43zvp3vnfmwfywdhjk61r6e8amcrxbjzh6acfnhsg4p2mhh3yr9ymc7nvvga27n3k2zb301yg5rghyret9rveeesh5dapg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%2526client%253Dca-pub-1311151640559524%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Server
78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads1.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 02:07:09 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022042004070967343752993X117663V1225131106MSoneidQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhVoneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush
date
Wed, 20 Apr 2022 02:07:09 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
link.html
track.webgains.com/ Frame 28A0 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kpx1kq1f4h68rgj365n9gcx1vrffbz6x3bx8deaq1bhhx4fccsats6t1habspymjw39h5qvz4vnmsw1d5chzfk3d83g4w2wf7z5dg5cyjgdb9mrcgx91kdzjkrkrzyywndwyakdsggrzz1fwfctx48k6wjmjcajfny5esmtdb40w3gmd5ga80mzddj38618ksxy892jb3btqp4nkdzzrdz488ds0de430kjfv4pacah6hsnwc0ajs2b4016a6rqdqpcvqg9zq0cxewfwkerjqbr6j3hdh2wzzt3r9ytmx6cyxcn8tw9rmg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hzttetbp0s3bamsjjwd8amq90ket490m9qey1vznv5d48hmdtgzq7sxj8kzshy61mante2dzsv1nhr88yhwz98jt8k7nk7720agc3dxzqhf8j85ybc0437r07a5xka25xass6sq0c5hrqc2bsd7s74gvnmp631y723wesjvdf1dvjw92a4jmc43zvp3vnfmwfywdhjk61r6e8amcrxbjzh6acfnhsg4p2mhh3yr9ymc7nvvga27n3k2zb301yg5rghyret9rveeesh5dapg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%252526client%25253Dca-pub-1311151640559524%252526adurl%25253D&clickref=oneidApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9oneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7oneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C161594&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg&c=300&d=250&e=kNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2&g=75e2e0e12ed8e06c79e0281a6d9eb004%2F12491391463658526478&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650420428807&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzttetbp0s3bamsjjwd8amq90ket490m9qey1vznv5d48hmdtgzq7sxj8kzshy61mante2dzsv1nhr88yhwz98jt8k7nk7720agc3dxzqhf8j85ybc0437r07a5xka25xass6sq0c5hrqc2bsd7s74gvnmp631y723wesjvdf1dvjw92a4jmc43zvp3vnfmwfywdhjk61r6e8amcrxbjzh6acfnhsg4p2mhh3yr9ymc7nvvga27n3k2zb301yg5rghyret9rveeesh5dapg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%2526client%253Dca-pub-1311151640559524%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
26162903ed525d4f6c4b611422afca12faf34dabb1ae9a3505d69cd6c617d2e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 02:07:09 GMT
Last-Modified
Wed, 20 Apr 2022 02:07:09 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1474
Expires
Mon, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1615 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220413&jk=2023639261504748&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 161D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041401&jk=916938650705493&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
pagead2.googlesyndication.com/bg/ Frame 117C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 21:22:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
17060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 21:22:49 GMT
l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
pagead2.googlesyndication.com/bg/ Frame 5E2F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 21:22:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
17060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 21:22:49 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1F77 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssAArw7Ke5xx8UPKFXJpAJAxKDMqCBhyDVP1RXVu4WdBzjfnmzOU3VvDnVqkSMql3W0vusyqLd0QVTr_yEbI6i0Fg&sig=Cg0ArKJSzOKO4sCLqBqhEAE&cid=CAASF-RocqRbRJRXImytsFx2XxK4KL7ZzJCZ&id=lidar2&mcvt=1057&p=0,0,250,300&mtos=1057,1057,1057,1057,1057&tos=1057,0,0,0,0&v=20220418&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=967909671&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650420427113&rpt=363&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 28A0 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kpx1kq1f4h68rgj365n9gcx1vrffbz6x3bx8deaq1bhhx4fccsats6t1habspymjw39h5qvz4vnmsw1d5chzfk3d83g4w2wf7z5dg5cyjgdb9mrcgx91kdzjkrkrzyywndwyakdsggrzz1fwfctx48k6wjmjcajfny5esmtdb40w3gmd5ga80mzddj38618ksxy892jb3btqp4nkdzzrdz488ds0de430kjfv4pacah6hsnwc0ajs2b4016a6rqdqpcvqg9zq0cxewfwkerjqbr6j3hdh2wzzt3r9ytmx6cyxcn8tw9rmg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hzttetbp0s3bamsjjwd8amq90ket490m9qey1vznv5d48hmdtgzq7sxj8kzshy61mante2dzsv1nhr88yhwz98jt8k7nk7720agc3dxzqhf8j85ybc0437r07a5xka25xass6sq0c5hrqc2bsd7s74gvnmp631y723wesjvdf1dvjw92a4jmc43zvp3vnfmwfywdhjk61r6e8amcrxbjzh6acfnhsg4p2mhh3yr9ymc7nvvga27n3k2zb301yg5rghyret9rveeesh5dapg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%252526client%25253Dca-pub-1311151640559524%252526adurl%25253D&clickref=oneidApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9oneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7oneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
snQAK.nud_Ry1pExcABmNeZsZtrLXsiU
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 11:22:01 GMT
server
AmazonS3
age
75813
etag
"101c8120dbcfdb729e8ebf54cc77d0cd"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 19 Apr 2022 05:03:39 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
52083
x-amz-cf-id
sFlLXS1qCnu_kBBBqHVsTuLsSTFaih1f6mn50vZHdJWPurBT4kA3JQ==
link.html
track.webgains.com/ Frame 28A0 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidgAd8h8frf9Y2fPHbH8t5trKQTmSQTmxVfeoneid__asuid5220RWpD9dLaawmSomu2Y_TdPFgppFqeasuid__advertisingalliance_advancedad_300x250&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C24673%2C161594&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg&c=300&d=250&e=kNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2&g=75e2e0e12ed8e06c79e0281a6d9eb004%2F12491391463658526478&i=20774%2C20430%2C20773&j=14%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1650420428807&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzttetbp0s3bamsjjwd8amq90ket490m9qey1vznv5d48hmdtgzq7sxj8kzshy61mante2dzsv1nhr88yhwz98jt8k7nk7720agc3dxzqhf8j85ybc0437r07a5xka25xass6sq0c5hrqc2bsd7s74gvnmp631y723wesjvdf1dvjw92a4jmc43zvp3vnfmwfywdhjk61r6e8amcrxbjzh6acfnhsg4p2mhh3yr9ymc7nvvga27n3k2zb301yg5rghyret9rveeesh5dapg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCT1uky2pfYteJMruD1fAPp46P0ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMzExMTUxNjQwNTU5NTI0oAHCrujdA8gBCakCYlyTrzAZsj6oAwGqBLgBT9CAhN_RF8jgtMiFBUCPoPq3vztU483K27QhEyAssyijGppGKIkdpBa1FkMv1ywju0l7rkqfn-IRtgHPB3_7Mkp6verle3ZdFAQhTcxPJ4slQm0b6LgjldV4imA-nqHda7VRcx0RoHDVojWX5ooXI6rS9AaPFhgJIHYSFTe-l2PMQY9W7ZclKrupGqwJIXex0FhFrabxhjUhRqmlN-wGhvp1VjA0i8NmWOuUYZ-ZIZ7F-ijN9FpTSIAGrbT_mKTjpM8ioAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3588SyTZCvL4z2WLfHh-vSPzt0xQ%2526client%253Dca-pub-1311151640559524%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 02:07:09 GMT
Last-Modified
Wed, 20 Apr 2022 02:07:09 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 5E2F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?QsdBGg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 117C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?mT2PSg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame E69F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst68yODvfr489uX4NBluLj-RO1tOo2GxJFwOifWPFinAbeStjXvAMrIxOBdSZ2dfMmn39EYGL-uidl4Lv6FeXM6nq7-XV42hI6bAnx1sELJdoFBhFmV&sig=Cg0ArKJSzE2WfcVCl3--EAE&id=lidar2&mcvt=1046&p=0,0,254,300&mtos=0,1046,1046,1046,1046&tos=0,1046,0,0,0&v=20220418&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=19&adk=2798357613&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650420426207&rpt=1867&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 28A0 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.212.160 -, , ASN (),
Reverse DNS
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Apr 2022 02:07:11 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.212.160 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 20 Apr 2022 02:07:11 GMT
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame 7E10 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041401&jk=916938650705493&bg=!9vWl9bHNAAZvJBiFTyQ7ACkAdvg8Wh63Pe8enJ3Om4TfzyZsYIKyxPyWcBjgrEFEImYKyCAiGnNFeAIAAAK3UgAAAANoAQcKAAJPXJkCtrv2BAkacbIE_NI4EPflSdvex3Z7CrrTthcdvxHMwIJJnMuufgigMCr0_bS82Ps8wYH2KdkFwkh3bjh6KhpRGSVSUMfjHis-EmXOhYkM5R1e08XOEOSJwIjIcG6ZPP_hboAc0of-yW89s3iosu-JIMvX4iKAgTyf0UDaXz-QVuquS4qkUkf7Y_frCKjRdez6v7wzwJwO2KLwzderOsU7NU9BrQIeg9yXIM80H6AUJ8jrhKj5I3t0lbbWH4qYqbiCehGn_L8KNO2N1fsfxoanZiqXKk93HEYUYP_QdoFlChjklPA_dHs_FytDoyJQhFRl1SEQSQuoRad2BUTeuHEk9gI59w_uh7w3ccBIogMG7_upwhTbyY1eppj4K4ED8v5YuRmZXw4WhIQ_V-dT73IsMRunYZxJKgm_6mEgf2rq1ujKBrdD96SZ61CfL5Gf-GIQaItuu_3nlGmL5Sw1acPZsyjHF1Wx6wSlWTM-EUX5at6cr56mpR4gJ2ZBgANbMBziuDtSPEFpYVRVZEYNYW70n7QgYXCW-_rGJ0rXgFUtFtqS4FH3ovdBo_c2sNs7eqKzrbC0sPp5kUk9KuUMITD9wB37nDNOg6kPI0sw4lsdcAN0-SN-zD7cRyZr3B4HIpmLOYniGkuR3-mrv2YePByJkilWU_u3wMU8xcLgvAIArDfA8KvRYENcRr8eYGhbwxEzHq7WkobSmD58-WMbPJFDDUA28Op22twt6v2Rq_GcOQpOHSgXPqskWwvKvdgJBMbGvRfIhBe_lU-xTsGxhoZ7-KzTA1SIIptrGD9iZqsgennI_BCVJbzXZzEtWe1vBvep50cguLqO3XUYfnMr-rJb1m9nfYEP4nrM5-RgrUO-G4EkMfVvXdlqjm1op7GZQfR6IRfGO14rypVsasfGnxnpYeLT49juvNs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame E69F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220413&jk=2023639261504748&bg=!JSalJmLNAAZvJBiFTyQ7ACkAdvg8Wk6uxGK84L5aEjrelDxyJVktPBlOzlKECX2OlV_6enJGV6bIjwIAAAKlUgAAAARoAQcKADcbrna97XnLhp3r9F3U1f126hZeUmtumjWlUrmuAGFtCWL6vMR1m5huKi4OhdgHRJPwCuGP33aWmQLfebjvyIXeH5cj6ibUb_VtEno1IdgqUYG5pnAVb5xT5sZ0s6RoB3ejqXJV9W8hhdKT6oIyw0hSPe2wXVDfn41HYY2NmC_20eQbj44sajrSuiI3QxsDeviad0o5Xu6BCgTvfRhZ3nX1b8B-fz9Q1xVTQF1SWGzwdbPvQzGhvH2JeKDJjNrAksbOzsm1aVtwMCwEhI1Lxl0mZUdjg2wdwI--oLSu9HXjioxo5ReCKCloaU0yOHamSezQ2wCKGXkRun_DN_C3j6xAzbkHFj4qISHR75ykM_XwGRdIU9wvsgno9DuIwdNxV9VJz6lhDNUUe7gVc0TODBqkuFXn9ETQnRwqLFN1s9Nl1lYh6TMq1bcVwP7gxnaRMFaGdiZWM1lPBh5vkNt7GeEXOAWVRJSHpG3dWjAq2o-nVKf7MbbdXPDubURYHerV8QVa2syphiNxWb_-QMFw7zNGq8IF5v017-Ql8z2JxeWIN-vlqmK3eMvQqUNI9n_imHMl4csCZx1io7j3pWhQKKvJCaCFLTSHOHiDtopPFhECyFDQtQvqwQ_ykAIrLDMbaRKlWIRP03KOasPTMPkW-MTsmjPi7g4zz0dfjoDtbOCnsNuNNR0Hn6dhZdFh4oYmdgZZ8AY09LhOXOWcc2ugeErtbcd4HR9E1EMYgcMyG1HW9b0nVCJ1ibPxhVPkDtIynxa6OUoOoMIUuvympmmGR6olKZS8NJIG4uiOpoyRGB8Lf69cpKV3voolwyJcbpg0ldRHzOVjs81wOItJcVUczoyJlqO6p6SGjeNsYbR7kN-p3GOWKQ0cKGKajJ4EFOwwUH2MOY1k6PSZRRd-wjs3ZeUlJbDAY7sFU1TbdW8uRP7rxjTdHx90ncnDuhQSYGacZYaiswaVEEIE7YqzTPqglzd2Dx3qOsrXY0NErMIddoCfaS4D2ATxktgy5LTl3Rc7LqM0dv3k-UZjAd0LaZbqT3dZfUCY4dblF2RG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssp.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
sync
am-match.taboola.com/ Frame 3FF2 		742 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7DRoCFgNtpPJ1wQcE2gRtpPJ1wQcE2gUAAAAGBvQHGsWZsWa85WoxmwxWw9FusZiNhrvlaDYawkZxZqwZb7lazCaD1XC0GywGu9FqN5nMhlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73lCCptPhc93rRU-3y3MXOu0u013uMv3lLt_nL9kMZ8vVZjMHAAAAgAcAsZ4FiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIXccA0AKA6DdtpNLrs_AAAeHkAAAAQwSAAO1J9KAFxexk8AAAAAAAAAAFj-____YwbubfZlBvw5vnoAHnwAHogKEIsYAQAAAARvOCgcTeqEyqIKAIAg3QrgCgAgAJAI11w5DAAAQEBMqX4juwQAS3ZsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCUX1xKUFPczMqP0CAgCs_QICALCpGwDAmwBcyJWg6XT4XPd60dPt8tyFTrvLdJe7TH-5y_f5SzbD2XK12YwuAFYXELMDAAAAuPv____HU6rfyC4BwJLVA6nlaLAabSwT53I5Wm42s5FnshsuTBvbymPxeCzbw7FNoElOt9brCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIkwvfwjXzbNaSjWW1Fo0mi7XENpitZQ6Lx7RwrByO3WIten1Mz9VwZtgMtygYMLIXwUU60TzMLs_N8rebni7LW-i0u0wXsURzskgnssu-tRwNVqONZeJcLkfLzWY28kx2w4VpY1t5LB6PZd9c-BaumWezlmwsq7VoNFmsJbbBbC1zWDymhWPlcOwWa9HrY3quhjPDZrhvzFaD0WQwGgz3jdlqMJoMRoPlvkNn-K4-Z6N6u9Z6bE6_NNu12BwGhctg8f4kpsW0OzuYTr6jU-eQLos6o-_6PXoNCs_BY5ooU2KdtS8TFpNXheNgUMQSwekinYhextNFLJE8LdKJamJbrBYWl81i2Zhcpt1qNPFsZjbPwmSyrRa73UQsUZou0ole7vJ9_pLNcLZcbTYT9R8ZYrmZS3ZzxWiuGKwSAAAAAAAAAMAS5sybAAAAAJwGtRjuNqvlAlTsOekCgwAAAAAAAOyqSIVbmEO53hQ3fjwxD7PLc7P87aany_IWOu0u05UBJszWmDd7Joi1Wi1rAAAAAWwAAIAAbt28BZxXcg!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.7.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 20 Apr 2022 02:07:11 GMT
machineid
3406
server
nginx
third
ssp.hinet.net/api/web/ Frame 7E10 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/third?c=2017003&s=201702000008&th=29&wc=3130
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://ssp.hinet.net/api/web/request/?c=2017003&s=201702000008&t=1650420408428&u=645f1f83-8da9-451c-b42f-b9f76357727e&o=KnUkW&show=static&ca=&k=&cab=&kb=&mode=roll
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:11 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://ssp.hinet.net
access-control-allow-credentials
true
sync
taboola-supply-partners.tremorhub.com/ Frame 3FF2 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7DRoCFgNtpPJ1wQcE2gRtpPJ1wQcE2gUAAAAGBvQHGsWZsWa85WoxmwxWw9FusZiNhrvlaDYawkZxZqwZb7lazCaD1XC0GywGu9FqN5nMhlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73lCCptPhc93rRU-3y3MXOu0u013uMv3lLt_nL9kMZ8vVZjMHAAAAgAcAsZ4FiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIXccA0AKA6DdtpNLrs_AAAeHkAAAAQwSAAO1J9KAFxexk8AAAAAAAAAAFj-____YwbubfZlBvw5vnoAHnwAHogKEIsYAQAAAARvOCgcTeqEyqIKAIAg3QrgCgAgAJAI11w5DAAAQEBMqX4juwQAS3ZsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCUX1xKUFPczMqP0CAgCs_QICALCpGwDAmwBcyJWg6XT4XPd60dPt8tyFTrvLdJe7TH-5y_f5SzbD2XK12YwuAFYXELMDAAAAuPv____HU6rfyC4BwJLVA6nlaLAabSwT53I5Wm42s5FnshsuTBvbymPxeCzbw7FNoElOt9brCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIkwvfwjXzbNaSjWW1Fo0mi7XENpitZQ6Lx7RwrByO3WIten1Mz9VwZtgMtygYMLIXwUU60TzMLs_N8rebni7LW-i0u0wXsURzskgnssu-tRwNVqONZeJcLkfLzWY28kx2w4VpY1t5LB6PZd9c-BaumWezlmwsq7VoNFmsJbbBbC1zWDymhWPlcOwWa9HrY3quhjPDZrhvzFaD0WQwGgz3jdlqMJoMRoPlvkNn-K4-Z6N6u9Z6bE6_NNu12BwGhctg8f4kpsW0OzuYTr6jU-eQLos6o-_6PXoNCs_BY5ooU2KdtS8TFpNXheNgUMQSwekinYhextNFLJE8LdKJamJbrBYWl81i2Zhcpt1qNPFsZjbPwmSyrRa73UQsUZou0ole7vJ9_pLNcLZcbTYT9R8ZYrmZS3ZzxWiuGKwSAAAAAAAAAMAS5sybAAAAAJwGtRjuNqvlAlTsOekCgwAAAAAAAOyqSIVbmEO53hQ3fjwxD7PLc7P87aany_IWOu0u05UBJszWmDd7Joi1Wi1rAAAAAWwAAIAAbt28BZxXcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:5e70:34f8:9284:341c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:11 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 3FF2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7DRoCFgNtpPJ1wQcE2gRtpPJ1wQcE2gUAAAAGBvQHGsWZsWa85WoxmwxWw9FusZiNhrvlaDYawkZxZqwZb7lazCaD1XC0GywGu9FqN5nMhlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73lCCptPhc93rRU-3y3MXOu0u013uMv3lLt_nL9kMZ8vVZjMHAAAAgAcAsZ4FiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIXccA0AKA6DdtpNLrs_AAAeHkAAAAQwSAAO1J9KAFxexk8AAAAAAAAAAFj-____YwbubfZlBvw5vnoAHnwAHogKEIsYAQAAAARvOCgcTeqEyqIKAIAg3QrgCgAgAJAI11w5DAAAQEBMqX4juwQAS3ZsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCUX1xKUFPczMqP0CAgCs_QICALCpGwDAmwBcyJWg6XT4XPd60dPt8tyFTrvLdJe7TH-5y_f5SzbD2XK12YwuAFYXELMDAAAAuPv____HU6rfyC4BwJLVA6nlaLAabSwT53I5Wm42s5FnshsuTBvbymPxeCzbw7FNoElOt9brCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIkwvfwjXzbNaSjWW1Fo0mi7XENpitZQ6Lx7RwrByO3WIten1Mz9VwZtgMtygYMLIXwUU60TzMLs_N8rebni7LW-i0u0wXsURzskgnssu-tRwNVqONZeJcLkfLzWY28kx2w4VpY1t5LB6PZd9c-BaumWezlmwsq7VoNFmsJbbBbC1zWDymhWPlcOwWa9HrY3quhjPDZrhvzFaD0WQwGgz3jdlqMJoMRoPlvkNn-K4-Z6N6u9Z6bE6_NNu12BwGhctg8f4kpsW0OzuYTr6jU-eQLos6o-_6PXoNCs_BY5ooU2KdtS8TFpNXheNgUMQSwekinYhextNFLJE8LdKJamJbrBYWl81i2Zhcpt1qNPFsZjbPwmSyrRa73UQsUZou0ole7vJ9_pLNcLZcbTYT9R8ZYrmZS3ZzxWiuGKwSAAAAAAAAAMAS5sybAAAAAJwGtRjuNqvlAlTsOekCgwAAAAAAAOyqSIVbmEO53hQ3fjwxD7PLc7P87aany_IWOu0u05UBJszWmDd7Joi1Wi1rAAAAAWwAAIAAbt28BZxXcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 02:07:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 3FF2
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=8b3f0905-c04e-11ec-8bc0-19da87bf0206&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=8b3f0905-c04e-11ec-8bc0-19da87bf0206&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7DRoCFgNtpPJ1wQcE2gRtpPJ1wQcE2gUAAAAGBvQHGsWZsWa85WoxmwxWw9FusZiNhrvlaDYawkZxZqwZb7lazCaD1XC0GywGu9FqN5nMhlP4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73lCCptPhc93rRU-3y3MXOu0u013uMv3lLt_nL9kMZ8vVZjMHAAAAgAcAsZ4FiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIXccA0AKA6DdtpNLrs_AAAeHkAAAAQwSAAO1J9KAFxexk8AAAAAAAAAAFj-____YwbubfZlBvw5vnoAHnwAHogKEIsYAQAAAARvOCgcTeqEyqIKAIAg3QrgCgAgAJAI11w5DAAAQEBMqX4juwQAS3ZsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCUX1xKUFPczMqP0CAgCs_QICALCpGwDAmwBcyJWg6XT4XPd60dPt8tyFTrvLdJe7TH-5y_f5SzbD2XK12YwuAFYXELMDAAAAuPv____HU6rfyC4BwJLVA6nlaLAabSwT53I5Wm42s5FnshsuTBvbymPxeCzbw7FNoElOt9brCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotL-BGAwGOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIkwvfwjXzbNaSjWW1Fo0mi7XENpitZQ6Lx7RwrByO3WIten1Mz9VwZtgMtygYMLIXwUU60TzMLs_N8rebni7LW-i0u0wXsURzskgnssu-tRwNVqONZeJcLkfLzWY28kx2w4VpY1t5LB6PZd9c-BaumWezlmwsq7VoNFmsJbbBbC1zWDymhWPlcOwWa9HrY3quhjPDZrhvzFaD0WQwGgz3jdlqMJoMRoPlvkNn-K4-Z6N6u9Z6bE6_NNu12BwGhctg8f4kpsW0OzuYTr6jU-eQLos6o-_6PXoNCs_BY5ooU2KdtS8TFpNXheNgUMQSwekinYhextNFLJE8LdKJamJbrBYWl81i2Zhcpt1qNPFsZjbPwmSyrRa73UQsUZou0ole7vJ9_pLNcLZcbTYT9R8ZYrmZS3ZzxWiuGKwSAAAAAAAAAMAS5sybAAAAAJwGtRjuNqvlAlTsOekCgwAAAAAAAOyqSIVbmEO53hQ3fjwxD7PLc7P87aany_IWOu0u05UBJszWmDd7Joi1Wi1rAAAAAWwAAIAAbt28BZxXcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13306

Redirect headers

Date
Wed, 20 Apr 2022 02:07:11 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=8b3f0905-c04e-11ec-8bc0-19da87bf0206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
83
Connection
keep-alive
Content-Length
0
5682.js
go.trvdp.com/init/ Frame BD28 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.trvdp.com/init/5682.js
Requested by
Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1314/5682.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:7c00:3:7e1c:5b40:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d16ee017d689e9e9b3b72eac6ecc16c69465e6e96648c97315cc4397cc8c9435

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 07:05:37 GMT
via
1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
last-modified
Thu, 14 Oct 2021 12:24:44 GMT
server
AmazonS3
age
10436495
etag
"83dd73a75df5aad78b0b8970d5f7281b"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
23348
x-amz-cf-id
q_OyPcOGh38bRvAbdz1e4MFtINeFbKcGcOHcaGyljkH_14ziD6AqQg==
p.php
stg.truvidplayer.com/ Frame BD28 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/p.php?sid=1314&wid=5682&cb=1080.9780917782375&pid=4273&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F23869533&isab=0
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/5682.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.35 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
9d07bbecd4dfc4ba55c8c36b64bffebf293b1a35d6e1191b14a30edfb3160e2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:07:12 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
x-amz-cf-id
fypef3JnuNs-JOLaavWuqqCjErPBImcI8oDWc2Svm222t4lqwsD_Ag==
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
ins.js
s.trvdp.com/scripts/v5.742/ 		658 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.trvdp.com/scripts/v5.742/ins.js
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/5682.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:e800:d:3c0f:bcc0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 14:40:50 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 06:41:24 GMT
server
AmazonS3
age
559583
etag
W/"d40fd85fcbb9dac1ff245ac8cec6aeb4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
BDlYvonlsfcgl4wMOGXYzkCnSnUtRQ5BqGEDM2gRjvuJz7L8J-WkhA==
cors
data.ad-score.com/score/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.hinet.net
URL
https://www.hinet.net/tv/mobile_iframe.html
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENRHlOzPrtrMYINQx_yAFCM&google_cver=1&google_push=AYg5qPJyX1w4jhkepvGOMDVa7YfY1eoidcvfNt2oxT_WN2GGqoNrp1DXmxJOMSZaC5MaFKuGPtGcrVRD7oTwo4k2hDrvfM7sNhGZYqg
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENRHlOzPrtrMYINQx_yAFCM&google_cver=1&google_push=AYg5qPLHlXeXframWfsaSl3MxCnZmKcvx2u3UdP7K-t3bcvcnQC85UHthg-qIPmmcE-Q1q2e-ycNO9E2LQTfeZfHGX2sz-DEH6t0
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENRHlOzPrtrMYINQx_yAFCM&google_cver=1&google_push=AYg5qPKWlH26QZlQ-HNueKJ8_h9Wy5HvoPCvG7ybjP4WokeWq3_ceNUewmpWRammUcOlOJ58I3ZMsTuCqXdEGrWUIHKJeTpSChVJzwc
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?ad_type=video&client=ca-video-pub-1740840196959600&description_url=https%3A%2F%2Fwww.hinet.net&videoad_start_delay=0&max_ad_duration=30000
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?ad_type=video&client=ca-video-pub-1740840196959600&description_url=https%3A%2F%2Fwww.hinet.net&videoad_start_delay=0&max_ad_duration=30000
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENRHlOzPrtrMYINQx_yAFCM&google_cver=1&google_push=AYg5qPL7H66Nvx-YDBmEeHuvhlyhK3cNb_Hmgl1wxQFghJAzI_khw4JBGvHb7fw5nvRP6K4M95FkHBv8WlgDblP723-pvhCjW7oMqg
Domain
data.ad-score.com
URL
https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=times.hinet.net&l1=5682&l2=hinet.net&l3=DE&l4=desktop&l5=5.742&cb=0.6035890992625763

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| $ function| jQuery function| OnImageLoad function| ScaleImage function| imgError function| fixImg function| wholeImg function| fixImgs function| fixImgsWH function| setDefaultImg function| setDivNoPic function| setLiNoPic function| neverBigger function| qualify function| fixedImg object| _taboola function| hideIfNoAd string| cookiesPath string| contextPath string| today function| initSetting function| toggleSetting function| toggleTag function| radioChecked function| checkedSetting function| saveSetting function| saveSettingTag function| saveWeather function| toWeb string| partnerId function| hiball object| __hitagCmdQueue object| FB object| TRC object| _tblConsole undefined| msg object| _comscore function| udm_ object| ns_p object| COMSCORE function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| hitag function| ssp boolean| hinetworkpop boolean| sspreview function| noAd object| tags object| attr undefined| adWidth undefined| adHeight string| pathname object| __core-js_shared__ object| core object| ppnio string| newsId boolean| idleFlag function| idleOpen function| idleClose object| googletag object| divThird object| exposureThird string| jsonXml function| fbComment object| ggeac object| google_tag_data object| google_js_reporting_queue function| KayakMain number| taboola_view_id function| filterNews function| doPaging object| Mustache function| scrollToLatest string| template function| setFontSize function| refreshFontSize object| fontSize function| nextDouble function| getAdText object| weatherForecast function| updateWeatherForecast string| county object| _rmaxStyles$ object| _rmaxInlineStyles object| _rmaxScripts$ object| rmaxads function| showPartnersHide object| adAutoClose string| GoogleAnalyticsObject function| ga object| WOWOCEAND2S object| sectionCode object| WT function| scroll_it function| scroll_it_wobble object| RSetElem object| elems function| getCookie function| vatrack string| va object| placementData undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| gaplugins object| gaData object| cmTag object| google_reactive_ads_global_state object| _cm_wfCounters object| _pop object| _popIn5_config object| PopInGlobal function| Treasure2 object| PopIn6 object| popInGlobal object| PopIn object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| PopIn5Conf number| mediagoAdPosition object| PopIn5 object| JSON3 object| ampInaboxIframes object| ampInaboxPendingMessages number| measureInterval object| GoogleGcLKhOms object| google_image_requests object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

94 Cookies

Domain/Path Name / Value
times.hinet.net/ Name: Tid
Value: 85f4fc90c04e11ecac8d005056af6043
times.hinet.net/ Name: JSESSIONID
Value: F1546BA257BA8F346DCCE7C1D303C5CC
times.hinet.net/ Name: UqZBpD3n3iXPAw1X
Value: v1V+4+JQSD9LL
times.hinet.net/ Name: setting_locale
Value: local1
times.hinet.net/ Name: setting_star
Value:
times.hinet.net/ Name: setting_weather
Value: 63000
times.hinet.net/ Name: setting_lunar
Value: 0
.scorecardresearch.com/ Name: UID
Value: 1897c70e4ae2ad69d9e70fe1650420404
trip.hinet.net/ Name: cluster
Value: 5
trip.hinet.net/ Name: kayak
Value: JEUce0SugMXxHQuWzxTi
trip.hinet.net/ Name: kayak.mc
Value: 279$JEUce0SugMXxHQuWzxTi$Af-903ELSizHgy6Vn7_Bek1ohijEd58sFnBkzLiu-bVpPEcbEBJgAL_8XLVJlnQIfP-cJIgBen_LmRz0PV91_SnGXSwS5UpUzN7VYrB7gk8_t_TmBEYojOTpzkGZ0Bu0AXwZkoG39597RgZIhvxeSn7IAwajr1FA6dorpCAq3XSDzXAT2z4PK77JdRqfT6YSikmF2V9f8JbB7Rwju56PXpDPIVfsoi5c2xZ5LFg7mMI67hO089ZeuHXfkxJYHOvpb4ud3yBsmZzocFpM9JqJcVA
trip.hinet.net/ Name: Apache
Value: wRsOCg-AAABgES406c-a9-IZ92hA
trip.hinet.net/ Name: p1.med.sid
Value: R-5LTogHUbN4$bPfLBx0nZb-1M369J0uX58QTE3M5_isa6J1Kc_OGvmp50zy76TS2
.hinet.net/ Name: uuid
Value: 645f1f83-8da9-451c-b42f-b9f76357727e
.hinet.net/ Name: __htid
Value: 645f1f83-8da9-451c-b42f-b9f76357727e
.hinet.net/ Name: _ht_em
Value: 1
.ssp.hinet.net/ Name: uuid
Value: 7536927f-270b-7ca0-ddf6-9ac9caf6ad67
times.hinet.net/ Name: adid
Value: 7536927f-270b-7ca0-ddf6-9ac9caf6ad67
times.hinet.net/ Name: va-dtid
Value: 1650420408426
.facebook.com/ Name: sb
Value: uWpfYpLaFtHevldQScoLiZkE
.facebook.com/ Name: fr
Value: 0uiPHFsAvrIUDswmx..BiX2q5.pk.AAA.0.0.BiX2q5.AWVFpcgUNyQ
times.hinet.net/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D9a7a5f33-2c25-4421-b606-fabc4a1ea171-tuct958f038
vatrack.hinet.net/ Name: track
Value: 553077064
vatrack.hinet.net/ Name: sid
Value: 322212046
.hinet.net/ Name: _ga
Value: GA1.2.1746851889.1650420409
.hinet.net/ Name: _gid
Value: GA1.2.313115528.1650420409
.hinet.net/ Name: _gat
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkzinAagKyGTcyagQJI3FEFLHKCIC-Bb0slROx1HCETD-n_B2edPvpGp-3_OIA
.tenmax.io/ Name: uid
Value: 8ae04b60-c04e-11ec-b478-25bdcc916179
.tenmax.io/ Name: wt
Value: 1
.hinet.net/ Name: _ss_pp_id
Value: 6d9d3bf415db68aa9011650420410716
.litv.tv/ Name: _gid
Value: GA1.2.2004260237.1650420411
.spotxchange.com/ Name: audience
Value: 8b3f0905-c04e-11ec-8bc0-19da87bf0206
.hinet.net/ Name: _ht_hi
Value: 1
.litv.tv/ Name: PUID
Value: 0f1b405b-4e10-4237-a3b5-92e8fa938f2a
.hinet.net/ Name: _gat_UA-46698217-3
Value: 1
.quantserve.com/ Name: d
Value: EEQBCQH5JYEA
.quantserve.com/ Name: mc
Value: 625f6abc-6013a-688a0-a7e39
.doubleclick.net/ Name: DSID
Value: NO_DATA
.popin.cc/ Name: uid
Value: 6d9d3bf415db68aa9011650420410716
.casalemedia.com/ Name: CMID
Value: Yl9qvP1aPy1o8obiwowjQwAA
.casalemedia.com/ Name: CMPS
Value: 3219
.yahoo.com/ Name: A3
Value: d=AQABBLxqX2ICELtNbmVQa3CY9jYPZPXvTdEFEgEBAQG8YGJpYgAAAAAA_eMAAA&S=AQAAAuiXcUZoAFsCJtDUQ4b39gY
.casalemedia.com/ Name: CMPRO
Value: 1192
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.innovid.com/ Name: uuid
Value: 8c326722-ba0c-47fe-a85c-1efc5dd355f6-20220419 22:06:52
onead.onevision.com.tw/ Name: onevision_guid
Value: 8bb6fb91-c04e-11ec-a6ec-0242ac120002
.taiwanmedia.org/ Name: PUID
Value: 0f1b405b-4e10-4237-a3b5-92e8fa938f2a
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 228C9A0B-9E2A-433E-A6C9-B9C87888F2CD
.litv.tv/ Name: _gat_gtag_UA_138079999_6
Value: 1
.litv.tv/ Name: _gat_gtag_UA_138079999_10
Value: 1
.adnxs.com/ Name: uuid2
Value: 7008274669759727448
e2elog.fetnet.net/ Name: ApplicationGatewayAffinityCORS
Value: e5c62d70928c9fa61e703052b4045c67
e2elog.fetnet.net/ Name: _ctid
Value: 293e3b3114bf462bb6c9794375833276
.casalemedia.com/ Name: CMRUM3
Value: 2d625f6abe2760CAESEFjeyhUb_XOUHNVClEUrbls
.adaptv.advertising.com/ Name: adaptv_page_url
Value: "M3h9qeyoFhjizhYsmlsKWXwjd4VgcclFS/QtglwkN6cf2j-8bqT3//lfk1VoNpEHjpTFDYSxOyrDgzb8Z1Dz8fw8vVnb3eM0MuAVq/rj1ZMVvTu/Nq628YdVJeri5PGF"
.litv.tv/ Name: _ga
Value: GA1.2.34940685.1650420411
.agkn.com/ Name: ab
Value: 0001%3AXsDQ18CzO7MLHSr%2Fs2oorqrF5yvCNami
.rlcdn.com/ Name: pxrc
Value: CL/V/ZIGEgUI6AcQABIGCOndKhAA
.litv.tv/ Name: _ga_JRLWM3RJSP
Value: GS1.1.1650420411.1.0.1650420414.0
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: na_id
Value: 2022042002070000080567586480
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 625f6ac4af2a695b
.addthis.com/ Name: ouid
Value: 625f6ac40001e041f1b76d0b22df541accf168eeafc49241d1cf
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220420
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.c.appier.net/ Name: _auid
Value: LaWLuHDKDi6AkkT0xWpfYg
.3lift.com/ Name: tluid
Value: 1648374788626424376057
.lijit.com/ Name: ljt_reader
Value: 2c44c53221f7630db931e875
.blismedia.com/ Name: b
Value: 625F6AC77DB1B6CB42D81282BLIS
.adform.net/ Name: C
Value: 1
.mathtag.com/ Name: uuid
Value: 5581625f-6ac7-4001-8b98-55d7c3284800
.adform.net/ Name: uid
Value: 2828417912751904641
.hinet.net/ Name: _td
Value: 5b4ab9ec-93f2-450c-b510-a0848ff4de4a
.adnxs.com/ Name: anj
Value: dTM7k!M4.FCxrEQF']wIg2IlhjfOAx!fsu$He-[eih-:-1(K)7rLo%Xr0>Rg(]MAvWeJ@])uO`%]FWpv)7CyY^pVKC<Wk#N!AXTO:4=sB!%P<AVkIIl
.adnxs.com/ Name: icu
Value: ChgI9ohXEAoYASABKAEwx9X9kgY4AUABSAEQx9X9kgYYAA..
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 416babb6965b701a
.aralego.com/ Name: sspid
Value: ef843e3a-840e-3644-8327-c357a092a5cf
.tenmax.io/ Name: pb3
Value: doubleclick
.tenmax.io/ Name: ul
Value: 514624859
.tenmax.io/ Name: x_dblkuid
Value: CAESEDZLEnDXWBKYKPfneycuYN4
.casalemedia.com/ Name: CMST
Value: Yl9qvGJfasgA
.agkn.com/ Name: u
Value: C|0CEAp8ic-KfInSAAAAAABAQ13AQEAAQpAAAAAAA
.hinet.net/ Name: __gads
Value: ID=7aeb9a1e9fafdbfd-226d243b7bcd0048:T=1650420409:RT=1650420427:S=ALNI_Ma67VDkohnQ7fP3sSGJQUhHadZIdg
.rlcdn.com/ Name: rlas3
Value: f4jC4xYpqU2G0r/L92rc8h6ZgUxQn8W8wJpO82KOacs=
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTcxMDAwMDAwMDA2MTY1MDQyMDQyOXZsZWExZGUyMDIyMDQyMDA0MDcwOTY3MzQzNzUyOTkzWDExNzY2M1YxMjI1MTMxMTA2TVNvbmVpZFFnUkg0ZjJyaDE3WVhUeEg1SFl0R3RaWnJURFQ0VDlSaFZvbmVpZF9fYXN1aWRrTlN6Sm13R0dzQkJ2RWN2djV4UEJ6Vl9KOHlXa21BMmFzdWlkX19zdWl0ZV9OZXRtaXhfUmVhY2gxM19CbGFja0ZyaWRheVB1c2gxMTc2NjM
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022042004070967343752993X117663V1225131106MSoneidQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhVoneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush&wfid=117663
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTcwMDAwMDAwMDA2MTY1MDQyMDQyOXZsZWExZGUyMDIyMDQyMDA0MDcwOTY3MzQzNzUyOTk3WDEyMDIxMVYxMjI2MTMyNzAyTVNvbmVpZFlYMUhyZjE1c3BCcEhWSDlIZXRRdFJSOGNBVDFUNm1Icm9uZWlkX19hc3VpZGtOU3pKbXdHR3NCQnZFY3Z2NXhQQnpWX0o4eVdrbUEyYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDEzX0JsYWNrRnJpZGF5UHVzaDEyMDIxMQ
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022042004070967343752997X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkNSzJmwGGsBBvEcvv5xPBzV_J8yWkmA2asuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTcwMDAwMDAwMDA2MTY1MDQyMDQyOXZsZWExZGUyMDIyMDQyMDA0MDcwOTY3MzQzNzUyOTk3WDEyMDIxMVYxMjI2MTMyNzAyT

17 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
rendering warning URL: https://www.hinet.net/tv/mobile_iframe.html(Line 6)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENRHlOzPrtrMYINQx_yAFCM&google_cver=1&google_push=AYg5qPJyX1w4jhkepvGOMDVa7YfY1eoidcvfNt2oxT_WN2GGqoNrp1DXmxJOMSZaC5MaFKuGPtGcrVRD7oTwo4k2hDrvfM7sNhGZYqg
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPLBVCxhbI5JUcbhzoubCf5IeBCZFSiwgvxobc1XMTDADL9wZj9t6q8zhrDCCrbJivoGZHPNdCAsu1zj0MNvENm0BmuGGXec&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENRHlOzPrtrMYINQx_yAFCM&google_cver=1&google_push=AYg5qPLHlXeXframWfsaSl3MxCnZmKcvx2u3UdP7K-t3bcvcnQC85UHthg-qIPmmcE-Q1q2e-ycNO9E2LQTfeZfHGX2sz-DEH6t0
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_cver=1&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_push=AYg5qPJPnlVVsiOFm4_O7__rhnVEd_L4UeyoaWOyxh2JU6Gw7VOGmhyyDC8c_csUoFA84bJe2glXPq_xq2vmyT8vERnWjneowpLJAA
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://ads.adaptv.advertising.com/a/h/aL3BZ+3vSNmS81GvhwKFwMJJNo4wlhu2?cb=1650420421176&pet=preroll&pageUrl=https%3A%2F%2Fwww.hinet.net%2F&pi.width=0&pi.height=0&pi.viewable=1&eov=eov
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://ads.adaptv.advertising.com/a/h/aL3BZ+3vSNmS81GvhwKFwMJJNo4wlhu2?cb=1650420421176&pet=preroll&pageUrl=https%3A%2F%2Fwww.hinet.net%2F&pi.width=0&pi.height=0&pi.viewable=1&eov=eov
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1&google_push=AYg5qPJnXokJzDhHQvDthzMQx7nhVzPr5iStAqFvuzcdGmSC4lWKx-ZvkoiXUDWxR2IYw8wZ1B1Y5rtCzya5m7KfwAycArjiXYg
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENRHlOzPrtrMYINQx_yAFCM&google_cver=1&google_push=AYg5qPKWlH26QZlQ-HNueKJ8_h9Wy5HvoPCvG7ybjP4WokeWq3_ceNUewmpWRammUcOlOJ58I3ZMsTuCqXdEGrWUIHKJeTpSChVJzwc
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript error URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_zh_tw.html#goog_365710911
Message:
Access to XMLHttpRequest at 'https://googleads.g.doubleclick.net/pagead/ads?ad_type=video&client=ca-video-pub-1740840196959600&description_url=https%3A%2F%2Fwww.hinet.net&videoad_start_delay=0&max_ad_duration=30000' (redirected from 'https://ad2.apx.appier.net/www/delivery/vxml.php?zoneid=9704') from origin 'https://imasdk.googleapis.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?ad_type=video&client=ca-video-pub-1740840196959600&description_url=https%3A%2F%2Fwww.hinet.net&videoad_start_delay=0&max_ad_duration=30000
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yl9qvP1aPy1o8obiwowjQwAABKgAAAIB&google_push=AYg5qPJ-R5nTgSOK6jP0oMeVYrHRwEXAzvCBRBd0_XXTTAd4Tu8up6fFm5GT51pnXdP-aHs6JDOQZuncaESUIi1Nyz-mZStWCpBRFA&google_gid=CAESELTqvRIzymXZA3nKMHo095c&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript error URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_zh_tw.html#goog_365710911
Message:
Access to XMLHttpRequest at 'https://googleads.g.doubleclick.net/pagead/ads?ad_type=video&client=ca-video-pub-1740840196959600&description_url=https%3A%2F%2Fwww.hinet.net&videoad_start_delay=0&max_ad_duration=30000' (redirected from 'https://ad2.apx.appier.net/www/delivery/vxml.php?zoneid=9704') from origin 'https://imasdk.googleapis.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?ad_type=video&client=ca-video-pub-1740840196959600&description_url=https%3A%2F%2Fwww.hinet.net&videoad_start_delay=0&max_ad_duration=30000
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENRHlOzPrtrMYINQx_yAFCM&google_cver=1&google_push=AYg5qPL7H66Nvx-YDBmEeHuvhlyhK3cNb_Hmgl1wxQFghJAzI_khw4JBGvHb7fw5nvRP6K4M95FkHBv8WlgDblP723-pvhCjW7oMqg
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

05f1498154dc10d3a52a98ef22f6b0c5.safeframe.googlesyndication.com
1225ef7adcb5a5606b8e633d2d8d5efc.safeframe.googlesyndication.com
14caa0eb8c9720740e17322578407696.safeframe.googlesyndication.com
15.taboola.com
24327e10640890d0a908df1a89ac2fa1.safeframe.googlesyndication.com
42fbc773b1deded427a8b895ce413d22.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
645f1f83-8da9-451c-b42f-b9f76357727e.t.ssp.hinet.net
8dfddd28b233cf5cd942b76d1dfd52f2.safeframe.googlesyndication.com
ad2.apx.appier.net
ad4m.at
ade.googlesyndication.com
ads.adaptv.advertising.com
ads.aralego.com
adservice.google.com
adservice.google.de
adsv.svc.litv.tv
adx.c.appier.net
ag.innovid.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
analytics.webgains.io
ap.lijit.com
api.popin.cc
api.svc.taiwanmedia.org
api.webgains.io
apn.c.appier.net
as.ad4m.at
assets.ad4m.at
c1.adform.net
cdn.ampproject.org
cdn.contentspread.net
cdn.js7k.com
cdn.jsdelivr.net
cdn.taboola.com
cdnjs.cloudflare.com
cdnstatic.svc.litv.tv
cds.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
cnt.trvdp.com
code.jquery.com
connect.facebook.net
d.agkn.com
data.ad-score.com
dclk-match.dotomi.com
dmp.tenmax.io
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
e2elog.fetnet.net
eb2.3lift.com
ed759e07329150df5cf259c3fece2575.safeframe.googlesyndication.com
fino.svc.litv.tv
fw.adsafeprotected.com
go.trvdp.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
hal9000.redintelligence.net
hal90006.redintelligence.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
jsmodule.svc.litv.tv
lispeedtest.akamaized.net
match.adsrvr.org
odr.mookie1.com
onead.onevision.com.tw
p-api02.svc.litv.tv
p-yonder.svc.litv.tv
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pips.taboola.com
pixel.everesttech.net
pixel.mathtag.com
pixel.rubiconproject.com
player.svc.litv.tv
pmp-beacon.apx.appier.net
prod-m-node-3113.ssp.yahoo.com
prod-rtb.ad4mat.net
pubads.g.doubleclick.net
pusti.svc.litv.tv
r.popin.cc
redir.adap.tv
rtb.openx.net
s.trvdp.com
s.yimg.com
s0.2mdn.net
sb.scorecardresearch.com
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
sp.analytics.yahoo.com
ssbsync.smartadserver.com
ssp-hinetwork.cdn.hinet.net
ssp.hinet.net
ssp.tenmax.io
static-de.ad4mat.net
static.adsafeprotected.com
static.adsinstant.com
stats.g.doubleclick.net
stg.truvidplayer.com
sync-t1.taboola.com
sync.1rx.io
sync.search.spotxchange.com
sync.teads.tv
t.ssp.hinet.net
taboola-supply-partners.tremorhub.com
tags.mathtag.com
tenmax-static.cacafly.net
times.hinet.net
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
trc-events.taboola.com
trc.taboola.com
trip.hinet.net
tw.popin.cc
us-u.openx.net
vatrack.hinet.net
vidstat.taboola.com
vjs.zencdn.net
web.ssp.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.hinet.net
www.lead-alliance.net
www.telefonica-partner.de
cm.g.doubleclick.net
data.ad-score.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
www.hinet.net
104.102.29.65
104.111.242.245
104.92.72.137
107.178.241.176
108.157.4.121
108.157.4.35
119.63.193.220
119.63.198.188
119.63.198.189
13.248.245.213
13.32.21.123
13.76.34.51
138.201.63.164
139.162.58.205
141.226.224.32
141.226.228.48
142.250.181.226
142.250.185.130
142.250.185.66
142.250.186.102
142.250.186.130
142.250.186.98
143.204.98.5
151.101.1.44
151.101.129.29
162.210.196.208
168.95.245.4
18.156.195.47
18.202.199.206
18.66.192.9
18.66.248.51
185.29.134.249
185.64.190.78
185.86.137.108
185.94.180.123
185.94.180.126
192.229.221.28
2.18.233.201
20.184.62.41
2001:4de0:ac18::1:a:1b
2001:b000:590::1
202.39.224.124
202.39.67.8
203.75.213.47
203.75.214.136
210.242.135.3
211.21.190.218
212.82.100.181
213.19.147.44
2600:1901:0:76b9::
2600:1f18:612b:4200:5e70:34f8:9284:341c
2600:9000:206f:f800:1e:6a6f:9700:93a1
2600:9000:214f:9e00:8:48e:53c0:93a1
2600:9000:2156:b000:3:cecd:5f00:93a1
2600:9000:2315:7c00:3:7e1c:5b40:93a1
2600:9000:2315:8400:9:f0ff:5340:93a1
2600:9000:2315:e800:d:3c0f:bcc0:93a1
2606:4700:10::ac43:1755
2606:4700:20::681a:61b
2606:4700:20::ac43:4a81
2606:4700::6810:5814
2606:4700::6811:190e
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:80:807::2
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2004
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c0c::9a
2a02:26f0:3500:4::b818:4dc1
2a02:fa8:8806:13::1370
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:400::300
2a04:4e42:600::729
2a05:d01c:1d8:8102:a946:f0fe:2301:5b7a
3.120.51.47
3.122.136.79
34.117.124.131
34.117.234.181
34.96.105.8
34.96.119.68
34.96.74.134
34.98.64.218
34.98.67.61
35.163.43.225
35.227.252.103
35.244.174.68
37.157.4.23
37.252.172.249
37.252.172.38
46.236.13.147
51.75.147.170
52.213.110.128
52.223.40.198
52.29.21.97
54.76.212.160
65.9.7.105
69.173.144.138
72.251.249.9
78.46.23.46
78.46.85.162
84.200.5.215
005d5464467462ad59800ecef725b74628c96c623583c8e0dabf712dfa9ebff4
01bfcffc34e1ea08d884a0d8af25c24044a13fdd2c1831362a485c74e3eaac35
026649e35eb8357f00fba5d9ced4df29707245f0c274426738472676ffc10502
0366a21703cd52258ec7e5de989232cafcd318889fbaf23a6893a32d754090fb
03fdcb70e9be4f6d1accff5b92cfa614f1a9871b2a6d62163174bb7504183b75
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
04dccc299261a1c9f8a37a7527a673973fcf7343ff13cb43a4a690c373284ccc
057dc6635045deb290a366da0e3df6afb2bc6b410b939e04e455b24c27d7b3ac
05e15f0a098f99df6255a951f48d34e45e37387384e5e08c1c02ea8308417e62
0617c3ac206390ae74a69154b3d93391017721ed1e352b35fd1c93c1f29aac57
06630dc3389c18eb7762be26084cce1216e5ffc9b264f9d7437420792ed80339
069789daadf832719e6626347c4e5cb9932da94ca68b222752abea8138615abb
075a0f9a749139c00cc268f9a40bb98bb3075c3f7132a10cbfffbc29a84479b2
07b657a38321b069452668fcdd55a4a23ccb878064ddca2de2711a1fe790342c
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
090262a289d76baf54bd96b4a956dc760369a4ad1ea6b37103184e77d76b8f49
090630bff5b997888f14e6e044b9485bc5f86f9d874cbfeebcb51e19d5c16446
097d60c3996431bb755fece421f9c2cd6aa144f5491310209159558ccbf34f81
0985fc9e6c924f671da4352346a551e7171d01be5c16aea4a2e9f966edc985f1
0ae720a8060fee5c9e6860899e47e736cc1fb27116b04cbd0a8b78baa065c05c
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc229f5d14e3b1fe284babf1166fec10f1bcb63b06c4fde445e53d5afc1c738
0bd6bded44fbb97cadeb6f270bea08907bb7dbb4d3b8c57c18b89fa8f5861d51
0c2c3833db039b05863f40069917952f041b8b245e385b6d8b92e93938b78c7e
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f35e9afae4d24612fcedd815c247d633510a123c6f9f409222a89c75ffd2419
0f97bafe5e927c4be851183087aed6b3250a64eab3499a76b7519d7137d18c56
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
108a5ee6306c726271c490dceca48e5fb5a148ea41fcb9fe55cd5d348f16eb57
10950392ef7cc3380276a6f24fd45d911654fda2ad06a698fa5ff6aba3f7b538
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10fda0a60d47fb7abac09257d76eb36bcda674a3e88f20eb02e6f054b8b106e4
110827f95088f524f0e8e0dd0b1296bff78aad4380a33bc4880681a60f616d80
11093965cab85c1e47839623f442f8fd9e9f196f97b4b1b2e9db42a51c3515ab
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ae67ad9b72fa5b9b513ebd89f58838e14f561ccd3f3fdeaa0dec336bf35915
1368ef2309695427daf1ca5a8ef461a7ebb32aea50a74c970822b66fc6795a57
13cc47f83c2f6e2d0828c83f56845b729902fb395c8def1dd2fc4ebfc30dce47
13ddd5194f5cfe75b4d9d0500831b1cc64aaac2a8ce2e10984e43533dc0ecc93
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
14c8862a2d9916b08fb2ffeee08896c7819db0b22bcdd613c9cad2afdf182ac8
1568c2170219639a98d73641d1d0d356af135f2b9a3cfb7e4937f1c191ba7478
16073a0bc6e36b3da6b1b9931ae14b511f326349f54954aa3f321c8f54b7ade9
169db5a311931701397dd2b8a209e99c70e5c116009296712ad4f627c11ffc66
16efeb0515fc43c77483b067a3eff94b07162153babc768c83871a79fc25343f
171ba96cb019bfc352dd4beec42b67513d0283d028755938ca5f036340921023
17846201118cd97027dc85d5c99293d2103fe0a9d0720d40aa85cab7d38b19a4
17ed3bb9d1c1bc6107ccd9b77e2afea2adcf57843f1ffe43fab4e7f7138cd356
18044d775a7745700d2a79e4063b68780c6e663f7761b1c774d95bde64db974c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
181f3f99fc38af603b04a7e9ff1e1b9f55322718f577df2cb6ba0dfda8caf792
1997e5fae742597b647978f12afc735e576dfabc72dfdb95466f976b039af5fa
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
19d173388ecf7414a4d7ba951cc7557b1f4d181cfddf5717fd09410d2f7d81f6
19d30fa994cb314679523d92b8370332697a73e4c1bd72b434d12764ece27f21
1a1929bc65c477dc0c4a822a1e35343201bf36ec838eaecfae179b3df160a4f6
1b21f754bdef534839e86c1ff170d7137eaf4801380fce424e7e368d831bb01a
1b7ccc4002d2466149f4c1434d90876a0fd332dbd744965ca80a721045d2184a
1bc1d371b017238a64805d5bff2366749705407b4e9390d5dbd406a520802418
1c6b468ac76d805e0409bb3de88f5f26c3bd79bb5563b2b037db6e324190bd9b
1cc9e5b9a038b56587837431eaed3a222f9c696f9dff5c44beabb8ccc5e3c4f2
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d2f85c7e37cdfb2620bfe00478997a899e414d2b957f471240c59cead01ebd6
1d8f92749cc2a265971215076bf9d8100900200556fee88fc2ab1612e39c1895
1d999d822abc4f61f682f3ab44462f385b61df2c41dcf6d5903e223e71ca3fd9
1df3be3556d585937fd2199871dabb55c715d7e64c9f744c774ccc5a81c2efac
1dfe43e4b3e9a7209802cfffb6d1c4d20e4622b45b4c64d5140bd46b5adf4aee
1e15f65bcef05f2ea9f54e051da9bf7e6fc9eb00a669905c9ed33f4fd7ba26f7
1fa4c3d86e2f4ce501d789f6230a225e49959ffd4ca6e0552d516d5f9f0ade5a
2013feb290ee56dfc7e5ec62288b9cc6952b3774fcb0570545fae9377ec37c9b
20438e26751d31bcadf3543f9e2736b1680e5cbda218ba7a8e2aa7cd8cda935a
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
21bb013c1cffa21155688a9f72600dc272b05defbe63c3a27bf69e186ddf2952
22b46f2b1ecd85db8144f056da40a7a45d62aa70271f16b18c62d3f4ab7aa884
22b68a136dd882531570abc4ea12b6db8ea7fc3a4c0dd4b1f09f0b232ad06e36
230adde1ad039ba5d92c6a9c31b0644df62bae6128d7d822a3dc047c97185fe4
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23b748757b73adae0cf1be9be91149bb95a662855bddc6714ae99009e8de4a6e
253eb5746eca714be94d1a0c70b0bd6216d681a4dea0b1745bdb43ed69fab701
26162903ed525d4f6c4b611422afca12faf34dabb1ae9a3505d69cd6c617d2e0
268a8ea6d55ccb129aca1b77c92c52358ab8bd762b3f95a0fe831fc3c0cf8db3
268e5ad893862a2d3bbbdf6cfcfc7b43e3adbeca4fb5d82cd06e0e2074721fc5
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2767df6736abef725fe8b1e39307f402dc27a7c8341f9354a8c1b883dcc563dc
27cc927df9c0803c26aa0a0abe711d52988af391a2e839f4c8c022d0a069f9eb
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
293e5103d8c63e22a8a3a92b2e728e33ab71a1c5b1f7b100e33c53ce7469c55f
293f8ffd5a709807b597c92605f0ee341521b8445f94ff262172c93cddd5e84f
294593c4aed632598c22cd7ab624e2f37047e9a5c3d5fbb3c672172f307e73c0
29b2e791ac08da45f7a1f8d52773ad72e07990d2ef98540ab6a8f411f81c6bcb
29e07993c302ea7830adb7086147f5d7476968158d2ca9e1d1a0fd336a5f02b8
2a878e7c010b8ee048ad7f0734c6653e4463880550867f5263c7b3d203599635
2aeb4f08312d234c1900b53833468b03c5306309159fc7ad8e35b069b65e258f
2e77a884b41aef255722a9188a640a0916b737d8c6831efc386bd538c6600d08
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f4cdc3c7d29ec8d2711719ea703c92f8af2c2411632991983c2012768a9d0c9
2f954d8fc1b0f633814e95c174d0347dd8f9a510ab1121648b2c81c4624770b5
2fbca0fca49045bdc0fd14f342e0a280b8f680e2a51a0a166c2af8ae1aaa5f25
2fc08e0d8fbce025a4ff119b0ff3e2fbbe94954fb39f136e293830446c27acd1
303eeac2d4c57de43238af79e155db4a3d855f8d1b6296cc6811de5a857fe236
3202c6853276a35c4252dd8b434d88a050d8d97f3d1e7464bbc1cd51be2029e6
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
331526c14b60a755fe5aa879555bc51e4d8d2f65b113125cd177e685295317ec
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
344f0443250af5db0e81793a8913364a3f0973e31a082cdae9b396b88e605683
364d46add4e2a123d4deebc10a3f3ff40444ae6303cdccc6ecf319f9c2db41c5
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36e29c3f1bde596e1659a920761392797413c87a4371aed685da7963d3dc6f0f
37fd22c1a997bb1c9d67d706fda22f1ea91b6a9dcd3bfc415fa55937fd359aaa
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2
3965e9361a3c6e9732d52eadf14244cd57d1c47e13c02673f6acd81620736c19
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3ad753512028ab9454846db78b92c123be24f761177422832bad76120e06a6cd
3ba185428dae889fa4874cb4985e4e057c69fc55eea670452d9e02a75f11b7d8
3bb5351d59c33c01019ffe6ca2fa98e122b40a0594cc460c5c870d54d62f9aac
3c20311694b3218fb21981ff0b0a5298438796bf2f9c947c0c3310289706f69b
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3c47ff9781e5c10d5b7a4edbd121682c9d6150251dfa4c0820f9939a70e623f5
3d947d508ff3e7840447afa02b4d163c784e585f5a7517a2c2a40564eca28016
3dedebaae73adc33be883fb7623603af1a1a070f571a0b1ffb015ae540fa0b82
3eb9e7799c523681ba73fdd0f9f4878a7772ad85d856ae52423c26964c0eb27a
3ec6a1b01506113ebf3b2f0e3a294c7c3dad49dac98ad9263d2311a72b0ddc78
3ed3f03718eff3ffa2046ed596a64358bf78d8156bc22d20555181269a1632f4
3f17663a307134364af3e4ddc5a97ca0dd14b15aadb0627199151abd18c2e616
3f254f124ac5df59bea509037c6cc85e1d997b394cfed336c656add47aa9ba8c
3f851ce396b51a773182aaeb21a7a81ec7e7cf97abd7c7dd1b6646d3efcc7048
4002ce2efa20d093b1d700a97001f3071d9480d2ba56ba56350db172dbcd7c25
404444e201aa3355b7545ff413b0408a23e05aa53f8221976e802112ea416449
40ce10b1728b498605c8f7e1ec66317d4033fb194a8b531cf59ee537957427fc
41202b70bfea4411f51298b088d306e05bb070d228ad4c86025796c48b718eaa
41be49b2c1f7e3a3463d40241f8c543e256ffbc279fba84d4ebd27af511b5e6d
42215ceadd2b46b0b790c33d8cf26125384152dd3fd1a1b5917a5f6d5e8cc006
428a90a6fc7ece9c3e55c1f17f3043697ee78a1ebd4c2aed9379367bd20e1e08
446a920d78747ec1b48b4d70a242ad5d3c583bcea9ae97c91bb39b57e199a70b
44802c283aff71f6b9c2b97be74d6349ac69a0e76f12079b515d95c692f7bd91
4506fb221c1dd5f5f33bee1421a19d4eaf99d878ef193e9675e907999b700c27
453f130034a0523860d786d602b419f84c966d13bfba58f38762b8d3fc0b2030
474cdd89828882068fce56d11813828f9dd7510c05daa3b2e3e5588317435501
47b754481a5f5a7f79a133427c73476db19d2a781b05d86b37081f591f41467f
480d5b26935e27640c98365cfc7bd4a663c82d2affb64ffae8a4bf9b01b5e9fb
4867d78d8cf2d27090f436525403b30019c5b9c6808f8c070e9aefd14d0de94c
48929504599c318a730faaf8493680a02fad83854ecc7bc60e813639973c9fde
4917a38e1d58f7b36fe882f03446589c36f40ebd329cfc54c5637bfed9f9824d
491d0fbdc748cb28fd9fb80d920c5aa705b5b8b3b97e826aa6c4bee4ede0fd87
49539702a839fc0fefc0552e74757c1500a602734fbd4a4d6d3d815b7cb9af54
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4b334cd424e78bd1f804d6c9d828eb92fa8412a0767f823b0587814e41b54848
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d
4cde3963ee7db052e553a745e186c7e9dc6c74bffa16c27238818eafd696874e
4d4547f166b8dc0663c3abcc41687ee0137a81cdc4d0bab9d807111198fffca7
4d6f09b49bc8582f0a413c867dfefabaf48920cbb25bfc3d3d760e2848a65f2a
4dfa523e27e3cc936f0d786f3aa73bd9af1fd535cba4b1cc43cabdf33cf1ee3d
4e0524f6acc3a65c90b93b7760e6e58ae838e9dc9506c7f34f13fad5965a4e0f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f6783d500427e61a892209ffccb262f379dbb23714af8a615739306f7bebc0e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
514578a1d50f71241d0f5c90a83291a9597087356d934d7652ce05070048b9b0
51cac33d2e0f55e9e968285435791695ba3259abdc434e99101c2bad7e70c46a
51d1ef5d5ba168d33d8bde625502c54c423ef44bcf53c7c3799dcffb0cc9bf0a
5200e468e0ee79e62e5bd0cd20bf633ab19fbbbb728dbb690d461afbf9ffef9e
5207333941efa23ca5ba590b4f49fb36bd687094f851638156a92f8e6294ac15
524d52ec2655ed292ba2fa5e467ad74afb001d1615a5b439c250957215206de8
53a1a3d6c5bd947c6eee0a398e3d0ca97da62e9b6810519bb2940b9c435d1aa2
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54868d1414fbbfd90c33e55ff9ba852bb3a89103446cfc04c863e61d76c67537
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c71ffd5895d4c68c43d4e95d07b054538cdea0b23935b46522507b44888466
55172cf998222254b48642cc653c0333c6c9d69a8a69ea9141f193a477a8447a
558c137ae8d2421d46b2ced70dc3d8eb54a63544a53930b30a555b7686001c91
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5707ba90dda30dc514b26017bf4a5f8c08c26002839b579376f703c784b0d45c
57b9ffddaca412f29c9d6ea278d99792ded8d7fe8a338a9de315f9798ca5b954
57cc17ccb9ed9e69ef54d7e57a90635a330478131636982141231e9ba045cd95
57d78b9a23ff310375991479f6e530277a36963418d98aa90a0f2ac8aa14728f
583ec217f74d685ac9cd7284bc5acf475f4609573e3dc5aef37fb73a7a16c454
5905ce031fbe2e588d0c5acb76f3713d664c85d807849f7883cb67dbca5ff251
5953ef77e50c18a1d13dfc5bf7ada74434192f93324625497e5e651079e0df16
5a36011812516a45305217c2fc2d0a0b2fcf9e66e4c84708cc1b6818066024fc
5b685aa3b92ad997c10e92e89a5a58e48e97f8811fd5692d19c2e4ee362f7fb5
5bd9514f799d95f78da34d9c1e9da3783a3616a3fdade5737e8c6a238bb0f637
5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7
5d3193d2016bffa3b0f4db8009599cd0531b2bd70eb65bcaeca6e9b8417efa31
5d46b5a818894adfb303f61890f3d0ed390e464e9c69b4da41dd31875fd4b12d
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f3d6bdc9e2abd036311e3c2d71bc9b8c305b28996a4dfe27a4f59c1895492d2
5f78b376c449eb72346fd7e6c3a1ef6afe242cb9953117ec67474f3dc5c46220
6030e59b3284c2dadddfb47bb8f1f5446255b8276da0441575b9f61f2b355ea3
610db2765a546cd3df8577915e1864fb3d8563083774c6168ef38fbcaade4d10
611d0be362ef936c2ad04226e67fb242aaa8ce5053d2cfdcdb79f0ce7eb75f69
6132ffa2799ce6e554be2ab3d675633bb76eae6ac93a5adac455def3b9340bc6
618d3c3e4761a7573bc98ec4e4620b3ec7464e9a2022bc2f7dfb4ae1943c3025
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
627fabb28705f9298120ad164d77d20a9d97a55bc63ac90c95fd674e1afc2632
62e30fa31740babccb972d2544d6cf48356ad7d5864229f9d0750d5ae77a3a88
638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022
63b3699958cb888e6196932ce075e619d989f5705a2a705764e7b4a2df319902
6552998742940e4653e354d769d284822ad3079d3aa2791e355cc7031b5ae3a9
6895bc403275bb64d3117322093a1cb18536236d1253c88d2748c2927a87036e
692bb2ef06437e49aaf898763c541af084f005d4f195e3ea09d51b8b23d7115b
69ec8663bf1831d5340d5296a087de1d08e134ff2c018136a5050f9a5022e4bb
6ac8a6a5a955091ee9269f2f9b738859ad85e013ce22d70ad560451e9b40f863
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c387c7d90607aef5af34bd725ea7e2231e00575b3fef63e9edfdabd4d2c1a9c
6c46b95b6a04469c152640a5caa33a1e4060b1c1515fca04e33acf71a697d1a6
6c66174bdd188ea0a6cdc03fb938ed608c8502b8de891ae7d6193d2af0c338b2
6d1738db6f84bb15b18364962c006018149ed343f1d08fbe9e8a19ef836bdbdc
6d7d42b6d1b61bf5da707978ff08a2796bc2b1032ed4494eb1694ca309814d6f
6de75ae6e3cfae82344f263f632489e5773544b72735737b8c7aa98314a3d119
6e37e80c70319cef5825a0c567a263894f00db222c730ce8b88b5fdd49249636
6f036fa79597e97410bbe9a223a92ed409aa34b72175e0f4a2917e70eb49171b
70b420618b8cfecbbfa96a67399da075c3654b1f5f20415be5a494680b67d7c9
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac
710e9ec54c57a14e2512948ae46683aa38b84f67aa3ed8f055f4d7cc0a80c1df
716315cd5003af76ab26facc35af4fc97cdbd5b7995660f14d1ced4b5246d88d
71a64d82ed79d6c4c8cb1c52e11a4e233ae803e37d4331e4ffcceb99b876f791
730673dffc744e8acb140735d7ba1e9064f6409a6e64de1f1eaf1ab08e26fd51
75477f3949958becc4b03ff08e32ce45672db6409b821184fef888f2a61fbd51
7568a8bc9a3b48de2727b66264598225a99198321f422ae119e501d6e41670ce
763bb2c0bde38ed51a85e774c4d38ade02cc9f0d65e39ca1ece77a589e86646c
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7700e02a0a774656d7a71d792e961d719beb2f74e4bbfddf1b8d6b1e59da4242
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
776ce9b5e7bf7789728b047d309f2c334e821491a822ce9def843cd29be52299
779dd7ee4fd7b28ab24bff07a73673168634516d2840021a0211b422d31e3059
793cd4d02321ea3f8e40460f815bbd287768a4b72f1b37ca2822627258420b51
795f688ec278f53f116dc18391f9a4fe78d499735a13783c4f36a84cced04047
796d552d207a4a7aa4a8043eb64b3fb5092972d4395a6b014efac08f36c220f9
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7ba2173d6a7322cbdaf54a1edf6c31903d3b2f0fdbb03411230402ac1a2b3257
7c905fa103f34e93986a57259d8034d3446a0ff54288f066f2263f177584fb24
7c98b9f53df7564ea0501fe91af312efda504a9b5f927460dc0e6d808719156c
7da67f434f4b1c7588e36678a93eb406365ebc7327fbdde63e8a33fd80e1c9b5
7dc54c2cda854fd13e31131cc463e928a7702893b8dc77d67f58b95cfc0f7736
7f255aa8888e002b0cddb9a5f559b41b6211ac3f3b4d4005cc94eb4976d44b1d
7f315e409f6dd22535887665f0995988539ad88188e234752cbe6b23475d8f72
7fa03c84d54a8cb2b6c74b2deccd56cb07fb8a14f8f0cd10e0d702d8d79802ee
7ff76216c6a32230633a6370e7254675e136c2ea43b8b6282d4667259d49c9e8
812e7916a940bbb32e8cdb65f1f3b186844b2c94dfc37d4ed72bdf4bef455cc3
81d26b359875c87f34c7a0f24dc6541c03e0f0f8e1936bc26a4833e3117d98c0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837af2328f1892a684bcc45e2f1a01a0936eab43ac3998660687b504443cb820
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86138d6b9f293675aa721961d190c5bfbf1755a9d945b5d6a74a69378ae41fbe
8665f9fb827b94b5b4001148ed08b6a29b75cfac0c654dcfe03a94ebb30c8fc1
86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a
87836ae66ec86ce054d125ab4887ce010ea36910330ddbb9806b0f80a3b72d8f
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3
89826c702b6218ec61ed1341f78d3d7594893300e4b8789040c22ce29721a43e
89d171a4d59e745c28bf0ae9dcf3784b8417aeb344790a567efe6137d1d2a117
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ac873034214b2e16ab9f6d96bc08f70564be7cb9861352143d94b10463d9843
8aeb2aacc69370ca7485addf948ff95becd05d389274aea6c079c1c6f2f27cc0
8c19b1480cb1a8b130b990db353224f4d60d903d9f50f526ebc9484e07799c7b
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e19cb4c643aa630f4356fdcc3dbd0a76c864397a3aa998cecbc0877cf0ea23a
901c00bc8a155d7295088b2445c717289552bb5566d3554967ea5f0a255fbcc4
90376fe788cc5c4262dae5282e87530ac4c714683b2a6dafc0980cbd89126c04
90664020ab32f5e09885c52287de79f1629492bdc5d3ba18614d95e226272dcc
9082df375d326487e81a00c11e7b9c8b01ccc95423e066fa05e6d3239b335d8d
90ee20c6b2fe58c0bc327b411d5a68e2be5eea7b37eb642ee9e1a73f4c51f5eb
920bdd8aa4937ae328a35cfd1981f8e3925b64e3fd3d21bb8eb79d9a673b6995
932e3fce14b1767c64ecf23621f5d403e929f043084bd0c1812aff0c8576c602
93984adff71c5720735c377ebbb184f0ad5e6f9b355b41680034679a1957291d
939e7ed4cc62d8c8b958e48e5cfe0a176e10e80e8f9cbe8e4fa983ba4c445732
946daf331884e216278220d16dfab5eb8923bf923f858a75683f35dcd62cad82
94ae74b8f76c01d8f313906628b49afb6078e31c25436a9f980ffcbce23abcdf
95abe5b1e4ce00e56c1c7d08820eb0eaf6eb888d6551905af5dfbcec42a4e835
95ec5362c0ae5dd27bcb0cd301fe1a5460c4384e4b932702f11f82373bab7aaa
96dd30d1fffaef24f809000fb54513757729e166b1ad03eac4978633a6869d08
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
9848e1900be6fb5365aa67f8f7df1f0aff3c354c97ee22628c7d1808154de6ff
985da98fe4a246bd70fb6491c0c1624ee92d2dd32e67e14c12669ad2f0c4b1ea
98da90ff6e70a33b2d7d484e6c08b970f621938106a10fb5a2d3bce7bc501180
9a8609eeda77369cd567a813411d740959695b5a47db762f2f6dfbb6006cefcb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bb22fb29d4dee597bd42cbd2b3bc41d351836d9b7409730da060174ce3b2e50
9c44cdc0bd6fad0161e765482b735bbaea0490dbeb031fa5aa8bd1f0af50f782
9c4a100f4fa5ea0213e1159698f3806e4a96aadcb32db2c8865db584adc7d871
9d07bbecd4dfc4ba55c8c36b64bffebf293b1a35d6e1191b14a30edfb3160e2b
9d209966935ea7907d4e2c9be264e8f869dbb3d124b2a947446a17e1a9be3b8d
9ed7c9b6e38e405c40e249161c718e2d2d6baf5889c95d17723f86787641ed1f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0134f605dec5c2c2e0c79ccd3717df1781c0c400c03e101bcadc9179083b151
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06fcec0798cf647e7214434bc14ee170b6bd6c0b123749d1716ca1ae1cf4cf2
a0a5acfaf87f0963217eff8390e77a005f0e4dd6d08b324e1c9af9f911796cdf
a0b1a7bd224e6ea672bb07b36f8da8449f9cb6e863518d35ba06cbea67857442
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0d90b4fabb6810c554dfea9a06994c0cd7b309e3c5674557b00d402e04eb004
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1f770e5189bda45f48850960cf778982b4dbc71e8a572724d961c7a786823b2
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a27b0d8ced8f1461a7f63953a04e799cd081285b034ae2b2a6470be73b22adaa
a27ec72f8b9a4a8055041ff9a586cb93675a9f990a3f0c40edf5a08bb998e305
a2fc8223907c4c89a84a2965657c9883575067124124c8d178ebc4c4d807a4ee
a3261e47af41ea32aea740e67ff661f0cb9df3dc6b862a965dd9a8d1b99416a0
a3d666d61ba0b00cc6b56203773cfd9be034540c7d98bfb32031f21a8d0489fe
a3da22a435976dbc1aa933bb0a870f2dd410c95ab9d4f4284ea0188eca61316b
a49d62ebf2f107714863bfd0fe4701e58f85d88b44d873845daa3720e33fa177
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6db16d8afce57e4a01eb12c54e3722f2ce596d547cb2990c27bb8892ad1ea31
a6f564cf133cfc26e10d80a745642081f4999ce7881c86b84814f168c88a9023
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7ce9a3a3497bd8dfc36ac8f2437b7ed699b3041fed13be80fb0fed3f24716b4
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
a8501cab548cf8a5340cad45857aadc7d8771f0f87f5d882f34d9d4b89f68f36
a8c9fe1107e3ee74a4a0d5963058746169fdf14b5d4138ddc13de1ed16475ea9
a907b5d217cc55e8569c8c1f2026b66f12337525f79315ff1ee5edcf48817f96
a94b1df49cd1f0179f5e1110f80d13b97bb84f3ae1310ff67829d68db89df390
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
a989bd6456355cd905d347528af9b1ce657b9b28fe85a9bc8cd9ae1d7d41961e
a9a71eaef4525955e005478a8545b54fd4429564e1ecd9f4d943c93ea21a8d87
aa048a2347e09ab50e37401e1ed6c232d6fa992e2ea752576e99ad3ab542f45d
aa82c59435aa8476c1d1507d803be1dbbf6c3dc422048a565fed9eb405c5d1fe
aaf58fe585cbcc76094d23707910520dc7e2e9130342905aff91c58cd462c2fd
ab65663d91d2b24d60789f9520742dff66ef06afa1477dea67aa172acb6c840a
ac68ca2fc5b344bfeb1836d5bbf7a8d271dde1cbf5440f2f3a4464f47c10a620
ac6d3c738a0ab220763e2d2c81411308d026b7f909f747d2a2ad0cee98c18765
ace0ac15d2a61d8f72177d972b781a131ba12375032dfd45c483f46be536cc81
ad574b7fae620f9b29d884379af4c9ac7d761159d64e4f117d1d5b29a856e846
adb9c0dd57fba6d0ee1c2dddf43e08cc61ad36885bf001321d3577400d088701
adc24d49794343c273a5590a066402c375609835dc12f5a9109ff84c28e6159e
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a
ae829f91c5894fabf92675d9ccf31d618cd5e4d9a518274c532a727d71e8b3ef
ae86278189aaa71bbe01e42bc8d08c6998f2aca71c2ce11bcdc05a6b45841859
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af2ac8055983b59c939388ef2b32ef532b5eb338d4f1758be91a125d4f07d83f
afcf9e30f7373c24cd5f165be53de5b59cdf9c8696a15771e6f8ad677d599a57
aff5bfa5e6bd14ef3877ada391f3e445e1d5e142566f84408f7ae50c7b7ceaef
affc7465346ea96f040285c0a25779820afddb764f9e9bf8e6fdfe3162891602
b0b5da7e151ac3827a6b8f13fd19967fd4404ae45fa3eaca80adeabf35808c9b
b0bbaadba0e46405bfde24d4492d85c49a548102a6150720deafa2adcac4ecaf
b0ecd798e7765210a4923a3ea4dd97435f751c35127a44d4f43accf47ad1e86b
b115744203d4a4465e30e93ce3e33b7fe9120ccde3f32d4045623e9d041831ec
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1eb05809c17cda7941dd5a92e575e6b36a7b0054f4d45a4f726dfc94c4dd885
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b3229f4a81ecdb67f29957de2b126b91a33e9c275adc4b3367b7e8b3fb42de5f
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
b4698e4108a364a339ae3aecb146c246cf9a3b83fd23fd93717eaf8f122508ac
b489577dce67dfb05d32019964f46c4c2a8bbda3ae6ad8543131e21ac8347d54
b5781f847fd08091f930623c2dbc2ccb54c61b624efaa309b0ee29adbd176ef4
b59dd2965f58fc20aa2ec6600b3051df031b4ae638b4742e944224f9df43b2fd
b5b27c9c7226962d8841824af1929aa5d512c99c91f25eb84512be917e897e93
b639864f07aa4711dd44dd5a09e5fa230d0d3f82465dfdc2b875a3380c301283
b6917bf576e81a442917764b17f989131d74030c60e62f63bca81851538b426c
b789b890c6639b7dcb1700a2ac34d6784c9980958ce492f0a5240a53d485bf2b
b898198e3cd6d595d2917c53da74a6136c43f6b3e4b5dd46cc6e0cd743ba9676
b909b819de73b529dfc23d1223be82163e1a034c44ee8ae31598b0d20bce3d34
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
b9c005c389f0e1dd1a2f741b7e7be413adf007e4bb65809531a8806c0f5eb802
ba4be377f90a695108be5897d8a883a2c7bb6f88dd5b5e1f2630475bd44d6d29
bb3ddc1e9f0657db1d5ac712d5752513fcfb8275e4666fd0c2c21712755237cc
bc789c11f792ba3fee7ec986d060f5efc6bea4c2ebc10c05b027ee5549835328
bd0e968cd0732619243a5314d6aa31116340b5c176c7852d2695a5b78f101448
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bfff1940a635c5ff12a173880a88872c1120739c0336c9d952fcab04ba0b3652
c00c71981addfbf9325f6a4790fa82019f435e33743a8ccd58ff790879e33cdd
c0a898a2dcfa5fef330cc475218837d18afd1925818fcb0f04e552b37e0195c8
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1a3964c0064323da7e7666e43a8a5e57d63e12f30efe66d7f1d58ca850c1cf5
c2b3bd344266b0e4a44b8add0800dcbf04237255843c23d507a924b6584f9889
c2c4d4ebf5dc7968063414e8cee5e6f78a4a72e5c65c96f43f8a6d073e646b12
c4a6aeff16a111eb44e2e4028949d3ba465aae914a2fd24884de951d36f08603
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c5e2a8ed52b4f7c1706467a053a88aeebe816ae23217d87812d1709a71267a46
c6a6c07cab49251af6076fe636000a5e7601af08dbe166bf10fc8fa1fa842478
c7839bf6f5f615f1e09231be909b7b4b3654e5ed13fd41db679d2eb25077ca48
c8b7a9b205325f5b9814ceb75ad1a4095d980f20f445e8bdb2a7b5227932092e
c9244ec01b005c2513817a2983888ff8f5e58c6d9766da7fcd9e2f09ee47099b
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cabdfb214a4f4a69ac417ff9e48f28610667628fc23b6573f9d1e7cc2d47617b
cb1627c5539eedb7a07bf3bcd0ff6030a264c954c3ce63b94520b77fbcadea41
cbda26309731e9052cda082e4d70c2e28dd654d259651e356a59a69a5903c9db
cc05e9f04683682906d0ad443881bd19fce83e240bbaeeb6ec814ce757204ee4
cc1e2b9ce7d7f1405b658dc35826027924d76e808c7e48cacd2d40c4f9299636
cd675831f2e17631831dcf700a43a75d611aaf7ce31c4fae583eb191b2ab476d
cdb71be7dca0a2bc583d6a9fcb1e776519d597a9fe39a98fcf0350a9722ac5d2
cf88a58d4d001935ce86f838a496c23ece1c026fbe9918cecfaeed715c75af81
cfcdd352bb06fcc5c0e6f3f9b96e0c9a7d42f99b94473534d5131dcb4a104ec9
d0365d6c9d95c7fc1f71e4d607e55cbb1031662f3870be65a4b40b4bff3449e8
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d16ee017d689e9e9b3b72eac6ecc16c69465e6e96648c97315cc4397cc8c9435
d2598c87596c951d3ed95cb8d725669d12783890d657953552571aa563b852be
d417cd3bf0128d55b58754b4053caaa0c512e877f332ed1c8b805f75ad702955
d522ddc0733e416486ea62aa5ecf0c691b61747e60b9ec30405217f4f8e1b979
d573c57b3b4352f1f55418e15314776563c4c380c0f84f9aed637eb94ab5265a
d63a0e4ea320c3674d77dc2b87ab23aad3d4807b32aca18314c6c1c713cdb42b
d6ee04a3b930e47e58abe0750df3a68f68392449f9261083bef70fd9caf4e74d
d77b5fa8ab16e810b58ac909b4ad45c6568dfc3ff491d16567fce40288bf087d
d7bcb7b0529ef5c289a8d8302b60f946370caa9e8c077bc353517668767a5958
d8102a8864cb6defc7fa360caecc709711743dbb21ef8d90dfef55a72054d98b
d88cfafe21cca9338a04f0588f851560efa7f2a2cb28dcc12170dcd37303c218
d941692cf3bac38df6b62e2f4f11079ea102485f69d43e847c6dbcf3543d0969
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
da7bfdacae66cbc83e6063d3ce4687b0edc0db87f562f114cbb43166fd61e4cd
da877ad2c44df0beca30c18a53358b832ce9603964a11fa61a1eb059a5493559
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dc8d3b3701a95fae0ceb13be485bd16a31dcd0417066c9cc604d6c12e89bcd70
dd1fe4f8a74b8e4e567fd9ada0d5a70b18022de00b536b77a59c4425baf26293
dd382c876fd7255e44e3df2dc05e7a35755a9e9bb60d056a96e01ad135f952c8
dda552fe43c6560c271d1c612d6801919e3127613b4a8f249b89120d26ef13f9
ddb268570d64a641ebb583735c70e62d40a83b000df689a19bd53bf034ede2e6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dedf3737abcf3c9d6b0c8a16d0cbe4022fcbe2fe1bb31806a4cdd8c78a970958
dee254a5ae0d5063e16a75e8fe786c6daf07e603b7b485752728690637d8635f
dff6d84c74fad1cc1010d25affa12ab3d493db8c68fbcf3d62b73e2131d5b6da
e05b9834df0231f80a8574f9737b6b0157a98d4a0f86d460912076738f8abb2b
e0637f512c3a09fa700cdd0aafbde00eaa0fe40da6f70909261569e6f5244518
e0649fc170d5fee0d5326e93b1d0e481d831db57dfd657bfc53ebd349e4971f6
e091e49dfd6df3afa2eadfb799c8703d4de4181707813348004d335bccf5f0a1
e14a47af6697d522e9da6e3a944ae8503d38e81abdaf2c0e245aa4f54934aaaf
e18248ae265521bfcd2e4b6426b9c9142a5795a6de11b637a03ba0d5d7aa922c
e222adace575902a83a50c0a263cd2501c661729ac3134b2c1d6f7a7fba310fc
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e487187e3cea8e12d843bee5b27c35ee11900cf7a8dce8664760eed3ecda0d55
e6614a358af741f917f493fdee842f905c38158e541e04162da6a6b586867dd6
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
e6cafced5a19ae0e443dd2dac21a3934510f461c645cbd171c28a35b776e8ba7
e79e3b02f9a151553428c71d328e7a39c3c2109386b2f3beb01b1ac9ca5db752
e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a
e86cf6e2cedfccd5ec9b14e8adbb21a6320981eac58ef8155fd39d24a0f814d6
e8c611574208f5e5e1373e1e1c7c3bc03797ccde71a1636a3bfa8f0e4027f45c
e8dbd124a1ef2f834ae1ad736b35d6ddd31321f4d364a6a5105a5f5257fd03da
e8e744a0d15814e1483b0c1cfa81d30fd70e5a1828a49487434be419da8b7fa5
eb4369fd4035cfcdb0909dfe5bd140d66231b1f4c6fab17c2b802a4edbf54449
eb65bd614642c16d36dce88439f71caaa9cfd8c8890d1e4f39476482629b8ff3
edd65e922fed9ee65b9550d725ecafb1b3c03ff4ca7f80910e9b6657a9fe1036
ede6ee6355f711871726a1c7a94e36a4f508b56e05c37de1602ad46da690eff3
edfa73970e1842a8542aaa2846334d7f5eabb263024910f1ecfbbe92c068d4ca
ee7732b082509d32f714f6dfdcbcd15fb111e537becf0150837a6da3b7866af6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef202333ba48afabd12b21d0986ef0c24c08b0ef2a07aafec1184751abd8629f
ef69719e547ba6c86825a9a7dec6c77c68fe2befe3f2e3def295ae094461ed97
ef7f142c85d97b51ac659f22af22d7924daf00d553dadeeb2807a23c5cb48a94
f1e9d37f24abac22ea63095fc250b5b63f6ed616b8f0f0ad55ac889412ca1da9
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b
f2f0360da4f889974f00040b2da4c152456efe290a8d7ec533e9ad8404ac64f0
f331cfd15bd3aa18711ba2d91f27fc3f7e6f4ee28079b76c9529f4e77f11ba92
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855
f4d05911ffd044c8710c6755b4c534b10a12be020c516754e8391edebc0b6af9
f53b360e6c7462268934f7f22b3b0f631598933845cb065a9c13a450ca6e9587
f5894bee4a3a0a114f90216615bf5f64f02fec0d26cca97a55ff7486202ef408
f625c305c3c962ceed6410652de048f18e72d104bbdff47f0ceaa384d60b268a
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6ed1081dc46c8dbdc17e7c873db3e58587849da57c9dbcd9d0083a20f058c07
f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f8028a2f969e448dfa872b4e2a8ae6d368c77d6eb7ef80a8e40a0047402046e5
f83a7958fde7f01cb32fc45e3a4e6f55921626271dc47267f70a46b764b72cc9
f88f92ccab51377b340c97083ca13980b2e2291e8cbba1b1780c21411305fdf7
f8a0b7f819baef4d12f735b0fe6857421fd973f7f2872247849ea64e55332898
fba9fcae554e343c051c331471b0f36b3ba4a094268562b8d24872835b096b37
fbdf023f760d390a0ab0d5e9cf9f91c2e50fb6b442cf81f87ea7cdbf911a9cf9
fdbc6ac27038e4fb23172e3ccf494fd29b296254688c5c27ea35ff67579cca53
fe2fa8dca0cf66431ed928d0b6078f15bc2ab302ce927dc71de86eba347d59ec
ff0014235e8e7f8387c727fc3ad3ca6d75780c07a41ad85efdc005645cb7bc9b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff38ba014a57ef8527b62cf11a5eaa8b6260495a58ff8fd32fdd686e64625a47