hd.stheadline.com Open in urlscan Pro
79.133.177.230 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hkhl.hk/
Effective URL:
https://hd.stheadline.com/
Submission: On January 11 via api (January 11th 2022, 4:25:45 pm UTC) from CH — Scanned from DE

Summary HTTP 309 Redirects Links 62 Behaviour Indicators

Summary

This website contacted 33 IPs in 10 countries across 24 domains to perform 309 HTTP transactions. The main IP is 79.133.177.230, located in Russian Federation and belongs to TAOBAO Zhejiang Taobao Network Co.,Ltd, CN. The main domain is hd.stheadline.com. The Cisco Umbrella rank of the primary domain is 82306.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 29th 2021. Valid for: a year.

This is the only time hd.stheadline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	203.80.0.172 203.80.0.172	4655 (UNSPECIFI...) (UNSPECIFIED Sing Tao Electronic Daily)
1 69	79.133.177.230 79.133.177.230	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	2a02:26f0:df:... 2a02:26f0:df:3a5::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
55	203.80.0.157 203.80.0.157	4655 (UNSPECIFI...) (UNSPECIFIED Sing Tao Electronic Daily)
7	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6	2606:4700:303... 2606:4700:3035::6815:524	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	203.80.1.102 203.80.1.102	4655 (UNSPECIFI...) (UNSPECIFIED Sing Tao Electronic Daily)
1	210.177.64.9 210.177.64.9	4515 (ERX-STAR ...) (ERX-STAR HKT Limited)
3	52.18.187.187 52.18.187.187	16509 (AMAZON-02) (AMAZON-02)
1 1	46.51.218.109 46.51.218.109	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	52.211.244.253 52.211.244.253	16509 (AMAZON-02) (AMAZON-02)
1 35	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	203.80.0.196 203.80.0.196	4655 (UNSPECIFI...) (UNSPECIFIED Sing Tao Electronic Daily)
1 5	13.33.240.11 13.33.240.11	16509 (AMAZON-02) (AMAZON-02)
1	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
8	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f05... 2a03:2880:f05b:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
21	2a03:2880:f05... 2a03:2880:f05b:a:face:b00c:0:1823	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c02::9a	15169 (GOOGLE) (GOOGLE)
3 7	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
45	2a00:1450:401... 2a00:1450:4019:805::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:401... 2a00:1450:4019:809::2002	15169 (GOOGLE) (GOOGLE)
1	203.80.1.166 203.80.1.166	4655 (UNSPECIFI...) (UNSPECIFIED Sing Tao Electronic Daily)
1	79.133.177.227 79.133.177.227	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 1	35.241.72.115 35.241.72.115	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
309	33

1 203.80.0.172 (Hong Kong) 1 redirects

ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK)

hkhl.hk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 79.133.177.230 (Russian Federation) 1 redirects

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

hd.stheadline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.stheadline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:df:3a5::1e80 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 203.80.0.157 (Hong Kong)

ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK)
PTR: static.stheadline.com

static.stheadline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3035::6815:524 (United States)

ASN13335 (CLOUDFLARENET, US)

code.hot-mob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webapi.hot-mob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trk.hot-mob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 203.80.1.102 (Hong Kong)

ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK)

res001.stheadline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.177.64.9 (Central, Hong Kong)

ASN4515 (ERX-STAR HKT Limited, HK)

charts.megahubhk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.18.187.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-187-187.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.51.218.109 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-218-109.ap-southeast-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.244.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-244-253.eu-west-1.compute.amazonaws.com

singtaonewscorp.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 203.80.0.196 (Hong Kong)

ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK)

vod6.hkheadline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.33.240.11 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-240-11.hel50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

singtaolimited.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f05b:10:face:b00c:0:3 (Zurich, Switzerland)

ASN32934 (FACEBOOK, US)

scontent-zrh1-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a03:2880:f05b:a:face:b00c:0:1823 (Zurich, Switzerland)

ASN32934 (FACEBOOK, US)

video-zrh1-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2a00:1450:4019:805::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4019:809::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.80.1.166 (Hong Kong)

ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK)

stat.stheadline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.133.177.227 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

video.hkhl.hk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.72.115 (Central, Hong Kong) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 115.72.241.35.bc.googleusercontent.com

tracking.fingereach.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
129	stheadline.com 1 redirects hd.stheadline.com — Cisco Umbrella Rank: 82306 static.stheadline.com — Cisco Umbrella Rank: 203976 image.stheadline.com — Cisco Umbrella Rank: 213144 res001.stheadline.com — Cisco Umbrella Rank: 582946 stat.stheadline.com — Cisco Umbrella Rank: 334074	4 MB
53	googlesyndication.com 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 127 pagead2.googlesyndication.com — Cisco Umbrella Rank: 94	380 KB
35	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 88	1 MB
23	fbcdn.net scontent-zrh1-1.xx.fbcdn.net — Cisco Umbrella Rank: 236807 video-zrh1-1.xx.fbcdn.net — Cisco Umbrella Rank: 450540	3 MB
17	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 175 cm.g.doubleclick.net — Cisco Umbrella Rank: 169 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	170 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 347	204 KB
8	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 69 www.google.com — Cisco Umbrella Rank: 8	2 KB
7	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 398	175 KB
6	hot-mob.com code.hot-mob.com — Cisco Umbrella Rank: 153974 webapi.hot-mob.com — Cisco Umbrella Rank: 159091 trk.hot-mob.com — Cisco Umbrella Rank: 156854	31 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 124	3 KB
4	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 184 singtaonewscorp.demdex.net — Cisco Umbrella Rank: 193888	6 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	20 KB
3	hkheadline.com vod6.hkheadline.com — Cisco Umbrella Rank: 719492	69 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 151	100 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8579 www.google.de — Cisco Umbrella Rank: 6151	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	84 KB
2	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 475	51 KB
2	hkhl.hk 1 redirects hkhl.hk — Cisco Umbrella Rank: 256762 video.hkhl.hk — Cisco Umbrella Rank: 404909	151 B
1	fingereach.com 1 redirects tracking.fingereach.com — Cisco Umbrella Rank: 155813	729 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 583	214 B
1	omtrdc.net singtaolimited.sc.omtrdc.net — Cisco Umbrella Rank: 150081	393 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	39 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 776	517 B
1	megahubhk.com charts.megahubhk.com — Cisco Umbrella Rank: 564967	6 KB
309	24

	Domain	Requested by
55	static.stheadline.com	hd.stheadline.com
45	tpc.googlesyndication.com	hd.stheadline.com 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com cdn.ampproject.org tpc.googlesyndication.com securepubads.g.doubleclick.net
35	www.facebook.com	1 redirects hd.stheadline.com www.facebook.com connect.facebook.net
35	hd.stheadline.com	1 redirects hd.stheadline.com cdn.jsdelivr.net
34	image.stheadline.com	hd.stheadline.com
21	video-zrh1-1.xx.fbcdn.net	www.facebook.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net hd.stheadline.com
7	www.google.com	3 redirects hd.stheadline.com 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com tpc.googlesyndication.com
7	cdn.jsdelivr.net	hd.stheadline.com cdn.jsdelivr.net
5	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	googleads.g.doubleclick.net	94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com hd.stheadline.com
5	sb.scorecardresearch.com	1 redirects hd.stheadline.com
4	res001.stheadline.com	hd.stheadline.com
4	code.hot-mob.com	hd.stheadline.com code.hot-mob.com
3	94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	cm.g.doubleclick.net	3 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com hd.stheadline.com
3	vod6.hkheadline.com	hd.stheadline.com
3	dpm.demdex.net	assets.adobedtm.com hd.stheadline.com
3	www.googletagservices.com	hd.stheadline.com 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
2	scontent-zrh1-1.xx.fbcdn.net	www.facebook.com
2	connect.facebook.net	hd.stheadline.com connect.facebook.net
2	assets.adobedtm.com	hd.stheadline.com assets.adobedtm.com
1	trk.hot-mob.com
1	tracking.fingereach.com	1 redirects
1	video.hkhl.hk	hd.stheadline.com
1	stat.stheadline.com	cdn.jsdelivr.net
1	www.google.de	hd.stheadline.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	token.rubiconproject.com	hd.stheadline.com
1	webapi.hot-mob.com	code.hot-mob.com
1	singtaolimited.sc.omtrdc.net	hd.stheadline.com
1	singtaonewscorp.demdex.net	assets.adobedtm.com
1	www.googletagmanager.com	hd.stheadline.com
1	cm.everesttech.net	1 redirects
1	charts.megahubhk.com	hd.stheadline.com
1	hkhl.hk	1 redirects
309	40

This site contains links to these domains. Also see Links.

Domain
paper.stheadline.com
www.facebook.com
www.weibo.com
bit.ly
pop.stheadline.com
hdfin.stheadline.com
blogcity.me
bmp.headlinefinance.hk
www.jobmarket.com.hk
static.stheadline.com
www.singtaonewscorp.com
std.stheadline.com
www.thestandard.com.hk
easttouch.my-magazine.me
eastweek.my-magazine.me
headlinejobs.hk
www.singtaoopo.com

Subject Issuer	Validity	Valid
*.stheadline.com Go Daddy Secure Certificate Authority - G2	`2021-08-29` - `2022-09-30`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.megahubhk.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-10` - `2022-12-11`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-20` - `2022-01-18`	3 months	crt.sh
*.hkheadline.com Go Daddy Secure Certificate Authority - G2	`2021-07-07` - `2022-08-08`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-10-05` - `2022-03-04`	5 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.hkhl.hk Go Daddy Secure Certificate Authority - G2	`2021-11-25` - `2022-11-25`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://hd.stheadline.com/
Frame ID: E789BA90DF7E7037D12F37FC11732E00
Requests: 183 HTTP requests in this frame

Frame: https://singtaonewscorp.demdex.net/dest5.html?d_nsid=0
Frame ID: 1800B1AA85DB8255E98C3D0C7E47E590
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Frame ID: DFF76A26FEA2233FAEE1E1E99A959401
Requests: 55 HTTP requests in this frame

Frame: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F30FF4AE61CE409C9788C62D225DAD75
Requests: 1 HTTP requests in this frame

Frame: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5E16D90E5D53D261243C5CFE6D928E47
Requests: 8 HTTP requests in this frame

Frame: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3591B8FF9F17C3CF54398D88C32C5B9F
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: D34B6EBDCFF88C4BF670512C8829B42D
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 3A840BA385C37D65322467126B65A4C6
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html
Frame ID: E9903BDCA2B5DAC0A805A53CA0B541EF
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6163BDED53A34E3457FFF45C3FBE5E7B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html
Frame ID: 6198546BEFE2E187E5BAC47E613EAEB3
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9F272A28DCF6574BA2CE8F897E322BED
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D978368502211772%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df302085856d4144%2526domain%253Dhd.stheadline.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhd.stheadline.com%25252Ff3243eabebb95b%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fheadlinehk%26locale%3Dzh_HK%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D298
Frame ID: EC5A2568CC257D1975C2E87B77E9D5AF
Requests: 1 HTTP requests in this frame

Frame: https://trk.hot-mob.com/api/v1/dc?id=wap.e9ae466622ffda35468ece15ca761d2d&alcanzarid=fr1641918340532mC0&googleid=CAESECFLQ6uU0dyFaFqW9rrtUo-&t=alz-mapping&e=cookie-sync
Frame ID: EF6418771C70E1D51CB94E322BC81C86
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 59CD5613F4BEB7CBAD97ADC67605357D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1B99B2FDFABCADC73961AAD893EBD2D7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

即時日報專欄 h1.hk 任睇no.1 | 頭條日報

Page URL History Show full URLs

http://hkhl.hk/ HTTP 301
http://hd.stheadline.com/ HTTP 301
https://hd.stheadline.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

309
Requests

98 %
HTTPS

53 %
IPv6

24
Domains

40
Subdomains

33
IPs

10
Countries

9705 kB
Transfer

25060 kB
Size

25
Cookies

62 Outgoing links

These are links going to different origins than the main page.

URL: http://paper.stheadline.com/html/callad.html
Title: 日報廣告查詢

Search URL Search Domain Scan URL

URL: https://www.facebook.com/headlinehk
Title: facebook

Search URL Search Domain Scan URL

URL: http://www.weibo.com/hkheadline
Title: Weibo

Search URL Search Domain Scan URL

URL: https://bit.ly/3qAGXP9

Search URL Search Domain Scan URL

URL: https://bit.ly/32BgV6n

Search URL Search Domain Scan URL

URL: https://paper.stheadline.com/
Title: 揭頁版

Search URL Search Domain Scan URL

URL: https://pop.stheadline.com/
Title: Popnews

Search URL Search Domain Scan URL

URL: https://hdfin.stheadline.com/
Title: 金融網

Search URL Search Domain Scan URL

URL: http://blogcity.me/
Title: Blogcity

Search URL Search Domain Scan URL

URL: https://bit.ly/3G5EF0X

Search URL Search Domain Scan URL

URL: https://bit.ly/3JfVYi3

Search URL Search Domain Scan URL

URL: https://bit.ly/3eS6uho

Search URL Search Domain Scan URL

URL: https://bit.ly/3quBAAV

Search URL Search Domain Scan URL

URL: https://pop.stheadline.com/content.php?vid=110210&cat=f

Search URL Search Domain Scan URL

URL: https://paper.stheadline.com/html/location.html
Title: 日報派發地點

Search URL Search Domain Scan URL

URL: https://paper.stheadline.com/headline/?archive=1
Title: 昔日頭條揭頁版

Search URL Search Domain Scan URL

URL: https://paper.stheadline.com/lastpage.php?page=27

Search URL Search Domain Scan URL

URL: https://paper.stheadline.com/headline/
Title: 揭頁版

Search URL Search Domain Scan URL

URL: https://pop.stheadline.com/section.php?cat=new
Title: 最新

Search URL Search Domain Scan URL

URL: https://pop.stheadline.com/section.php?cat=tpd
Title: 最爆

Search URL Search Domain Scan URL

URL: https://pop.stheadline.com/section.php?cat=ppl
Title: 名人導航

Search URL Search Domain Scan URL

URL: https://pop.stheadline.com/section.php?cat=a
Title: 港聞

Search URL Search Domain Scan URL

URL: https://pop.stheadline.com/section.php?cat=f
Title: 娛樂

Search URL Search Domain Scan URL

URL: https://pop.stheadline.com/section.php?cat=b
Title: 國際

Search URL Search Domain Scan URL

URL: https://pop.stheadline.com/section.php?cat=e
Title: 兩岸

Search URL Search Domain Scan URL

URL: https://pop.stheadline.com/section.php?cat=c
Title: 體育

Search URL Search Domain Scan URL

URL: https://pop.stheadline.com/section.php?cat=l
Title: 生活

Search URL Search Domain Scan URL

URL: https://pop.stheadline.com/section.php?cat=d
Title: 財經

Search URL Search Domain Scan URL

URL: https://pop.stheadline.com/section.php?cat=m
Title: 電影

Search URL Search Domain Scan URL

URL: https://pop.stheadline.com/section.php?cat=y
Title: 音樂

Search URL Search Domain Scan URL

URL: https://pop.stheadline.com/content.php?vid=110172&cat=f

Search URL Search Domain Scan URL

URL: https://pop.stheadline.com/content.php?vid=110201&cat=f

Search URL Search Domain Scan URL

URL: https://pop.stheadline.com/content.php?vid=110197&cat=f

Search URL Search Domain Scan URL

URL: http://bit.ly/2Now2Ze

Search URL Search Domain Scan URL

URL: https://pop.stheadline.com/search.php?search=1&key=%E9%99%B8%E7%BE%BD%E4%BB%81
Title: Popnews

Search URL Search Domain Scan URL

URL: http://blogcity.me/blog/list_blog_express.asp?f=5YTPBH5B812303
Title: Blogcity

Search URL Search Domain Scan URL

URL: https://bit.ly/36fISOZ

Search URL Search Domain Scan URL

URL: http://bit.ly/STDdebate

Search URL Search Domain Scan URL

URL: http://bmp.headlinefinance.hk/Headline/tc/Home/Disclaimer
Title: 免責聲明

Search URL Search Domain Scan URL

URL: http://www.jobmarket.com.hk/job-search.jsp

Search URL Search Domain Scan URL

URL: https://hdfin.stheadline.com/inews_finance_news_list.php
Title: 財經新聞

Search URL Search Domain Scan URL

URL: https://hdfin.stheadline.com/realtime_info.php
Title: 即時報價

Search URL Search Domain Scan URL

URL: https://hdfin.stheadline.com/basket_index.php
Title: 一籃指數

Search URL Search Domain Scan URL

URL: https://hdfin.stheadline.com/specialist_main.php
Title: 專家指路

Search URL Search Domain Scan URL

URL: https://hdfin.stheadline.com/broker_main.php
Title: 大行精點

Search URL Search Domain Scan URL

URL: https://hdfin.stheadline.com/warrants_main.php
Title: 輪證心法

Search URL Search Domain Scan URL

URL: https://hdfin.stheadline.com/wealth_instruction_list.php
Title: 增值快線

Search URL Search Domain Scan URL

URL: https://hdfin.stheadline.com/ipo_list.php
Title: 新股專區

Search URL Search Domain Scan URL

URL: https://hdfin.stheadline.com/property_list.php
Title: 地產快遞

Search URL Search Domain Scan URL

URL: https://hdfin.stheadline.com/exchange_list.php
Title: 外匯行情

Search URL Search Domain Scan URL

URL: https://hdfin.stheadline.com/lunch_analyse_content.php
Title: 頭條解籤

Search URL Search Domain Scan URL

URL: http://blogcity.me/blog/list_blog_express.asp?f=W2F8PPC12T72154
Title: 名家BLOG

Search URL Search Domain Scan URL

URL: https://paper.stheadline.com/ratecard.php
Title: 日報(祇適用廣告查詢)

Search URL Search Domain Scan URL

URL: https://static.stheadline.com/stheadline/pdf/stheadlineOnlineRatecard.pdf
Title: 網上(祇適用廣告查詢)

Search URL Search Domain Scan URL

URL: http://www.singtaonewscorp.com/

Search URL Search Domain Scan URL

URL: http://std.stheadline.com/

Search URL Search Domain Scan URL

URL: http://www.thestandard.com.hk/

Search URL Search Domain Scan URL

URL: http://easttouch.my-magazine.me/

Search URL Search Domain Scan URL

URL: http://eastweek.my-magazine.me/

Search URL Search Domain Scan URL

URL: http://headlinejobs.hk/

Search URL Search Domain Scan URL

URL: http://www.singtaoopo.com/

Search URL Search Domain Scan URL

URL: http://pop.stheadline.com/hlEpaperApp.php
Title: 頭條揭頁版

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hkhl.hk/ HTTP 301
http://hd.stheadline.com/ HTTP 301
https://hd.stheadline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114

https://cm.everesttech.net/cm/dd?d_uuid=51744879261176482361561322553908381230 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yd2vegAAAHwviwPg

Request Chain 175

https://sb.scorecardresearch.com/b?c1=2&c2=9053246&c3=&c4=&ns__t=1641918329807&ns_c=UTF-8&cv=3.5&c8=%E5%8D%B3%E6%99%82%20%E6%97%A5%E5%A0%B1%20%E5%B0%88%E6%AC%84%20h1.hk%20%E4%BB%BB%E7%9D%87no.1%20%7C%20%E9%A0%AD%E6%A2%9D%E6%97%A5%E5%A0%B1&c7=https%3A%2F%2Fhd.stheadline.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=9053246&c3=&c4=&ns__t=1641918329807&ns_c=UTF-8&cv=3.5&c8=%E5%8D%B3%E6%99%82%20%E6%97%A5%E5%A0%B1%20%E5%B0%88%E6%AC%84%20h1.hk%20%E4%BB%BB%E7%9D%87no.1%20%7C%20%E9%A0%AD%E6%A2%9D%E6%97%A5%E5%A0%B1&c7=https%3A%2F%2Fhd.stheadline.com%2F&c9=

Request Chain 178

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTE3NDQ4NzkyNjExNzY0ODIzNjE1NjEzMjI1NTM5MDgzODEyMzA= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTE3NDQ4NzkyNjExNzY0ODIzNjE1NjEzMjI1NTM5MDgzODEyMzA=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEN-TVvO1L4vxY-LK6PAQ-Lw&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 262

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 271

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 272

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 282

https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df302085856d4144%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff3243eabebb95b%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk&locale=zh_HK&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=298 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D978368502211772%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df302085856d4144%2526domain%253Dhd.stheadline.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhd.stheadline.com%25252Ff3243eabebb95b%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fheadlinehk%26locale%3Dzh_HK%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D298

Request Chain 313

https://cm.g.doubleclick.net/pixel?google_nid=lively_impact&google_cm&mode=chn_cookie_matching&channel_id=13&channel_cookie=wap.e9ae466622ffda35468ece15ca761d2d HTTP 302
https://tracking.fingereach.com/FRADServing/cookieTracking?mode=chn_cookie_matching&channel_id=13&channel_cookie=wap.e9ae466622ffda35468ece15ca761d2d&google_gid=CAESEHf1nOiDsVfWtn-w8YgBjF0&google_cver=1 HTTP 302
https://trk.hot-mob.com/api/v1/dc?id=wap.e9ae466622ffda35468ece15ca761d2d&alcanzarid=fr1641918340532mC0&googleid=CAESECFLQ6uU0dyFaFqW9rrtUo-&t=alz-mapping&e=cookie-sync

309 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hd.stheadline.com/
Redirect Chain

http://hkhl.hk/
http://hd.stheadline.com/
https://hd.stheadline.com/

135 KB
49 KB

1988ms
1943ms

Document
text/html

79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

52a990356dcc2d9b15abc600e4bd6aed03d74cefb19942981ba6a5118f5b7c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: Tengine
content-type: text/html; charset=UTF-8
content-length: 49583
date: Tue, 11 Jan 2022 16:25:27 GMT
p3p: CP=This is not a P3P policy! See http://hd.stheadline.com/privacy.php for more info.
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=300
vary: Accept-Encoding
content-encoding: gzip
ali-swift-global-savetime: 1641918328
via: cache21.l2de2[3592,1532,200-0,C], cache16.l2de2[1534,0], cache2.de3[1912,1912,200-0,M], cache1.de3[1922,0]
age: 0
x-cache: MISS TCP_REFRESH_MISS dirn:13:911329757
x-swift-savetime: Tue, 11 Jan 2022 16:25:28 GMT
x-swift-cachetime: 120
timing-allow-origin: *
eagleid: 4f85b19516419183265115259e

Redirect headers

Server: Tengine
Date: Tue, 11 Jan 2022 16:25:26 GMT
Content-Type: text/html
Content-Length: 262
Connection: keep-alive
Location: https://hd.stheadline.com/
Via: cache9.de3[,0]
Timing-Allow-Origin: *
EagleId: 4f85b19d16419183264313256e

GET
H2 200 launch-EN227213af532841a48cb92e23b43a2f63.min.js Show response
assets.adobedtm.com/ 127 KB
39 KB 200ms
16ms Script
application/x-javascript 2a02:26f0:df:3a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN227213af532841a48cb92e23b43a2f63.min.js
Requested by: Host: hd.stheadline.com
URL: https://hd.stheadline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7410970b084a5256d674b1d37d7f5780053f8eab8b158d8b09edad86fd34562b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:28 GMT
content-encoding: gzip
last-modified: Tue, 04 Jan 2022 04:56:16 GMT
server: AkamaiNetStorage
etag: "2165aeb8f57eeee524b77c25c0dc7231:1641272176.769411"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://hd.stheadline.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 39275
expires: Tue, 11 Jan 2022 17:25:28 GMT

GET
H/1.1 200
OK jquery.fancybox.min.css
static.stheadline.com/stheadline/js/fancyBox/source/ 4 KB
2 KB 1015ms
194ms Stylesheet
text/css 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.stheadline.com/stheadline/js/fancyBox/source/jquery.fancybox.min.css?v=2.1.5

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

b453f7e482e40f3a63792b350f23d89ca0a9067676498d185281961be603176d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
ETag: "59085980-f1b"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1622
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:30 GMT

GET
H2 200 font-awesome.min.css
cdn.jsdelivr.net/fontawesome/4.6.3/css/ 28 KB
7 KB 36ms
18ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/fontawesome/4.6.3/css/font-awesome.min.css

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hd.stheadline.com/
Origin: https://hd.stheadline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6723507
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19163-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"7187-+1tJQm3ufxUIUA5pjRs8awTI/M4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6cbf805109555c9e-FRA

GET
H2 200 sweetalert2.min.css
cdn.jsdelivr.net/sweetalert2/5.3.5/ 14 KB
3 KB 36ms
18ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/sweetalert2/5.3.5/sweetalert2.min.css

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1000c400415ff168a11fabae79791b9e3d591cb0044159ef4cbbf8d6e103e47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hd.stheadline.com/
Origin: https://hd.stheadline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6447907
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19144-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"36a3-QhIre70XUQVyhmylh837j3o5miM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6cbf805109575c9e-FRA

GET
H2 200 perfect-scrollbar.min.css
cdn.jsdelivr.net/perfect-scrollbar/0.6.14/css/ 5 KB
671 B 38ms
21ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/perfect-scrollbar/0.6.14/css/perfect-scrollbar.min.css

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0974d5da65373f9848c8ef02ab0b9c906ed85724e2d24f7bc9938be23221990e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hd.stheadline.com/
Origin: https://hd.stheadline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6723463
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19146-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"1215-U36Hvw9m8MAxNpvIQxUHtwjAQLM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6cbf805109585c9e-FRA

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/bootstrap/3.3.7/css/ 118 KB
20 KB 36ms
19ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hd.stheadline.com/
Origin: https://hd.stheadline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 553347
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19138-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"1d970-ZSfYvz4ek2i6uMe2D1a8Afo6/Wg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6cbf8051095a5c9e-FRA

GET
H/1.1 200
OK offcanvas.min.css
static.stheadline.com/stheadline/css/ 7 KB
2 KB 1013ms
192ms Stylesheet
text/css 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.stheadline.com/stheadline/css/offcanvas.min.css

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

1bdbad79abe39829aab8993d33e1fa35e048e1c9c4687e4fa95374ac5a6d3746

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
ETag: "558bb3b5-1ab6"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1739
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:30 GMT

GET
H2 200 framework.min.css
hd.stheadline.com/css/ 72 KB
21 KB 219ms
218ms Stylesheet
text/css 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://hd.stheadline.com/css/framework.min.css

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

d011e9bc48e657ad60e2db1b827476944a09571e2e9c64828b45fae85a8e0fed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:28 GMT
via: cache20.l2de2[185,185,304-0,M], cache4.l2de2[186,0], cache6.de3[196,195,200-0,H], cache1.de3[197,0]
x-content-type-options: nosniff
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:13:285823233
x-swift-cachetime: 120
x-swift-savetime: Tue, 11 Jan 2022 16:25:28 GMT
content-encoding: gzip
content-length: 21087
x-xss-protection: 1; mode=block
server: Tengine
x-frame-options: SAMEORIGIN
etag: "5efee058-121ab"
vary: Accept-Encoding
ali-swift-global-savetime: 1641918328
content-type: text/css; charset=utf-8
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183284831766e
expires: Tue, 11 Jan 2022 16:30:28 GMT

GET
H2 200 framework2.css
hd.stheadline.com/css/ 128 B
403 B 32ms
31ms Stylesheet
text/css 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://hd.stheadline.com/css/framework2.css

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

d13e08892ef48393ce58c434f13b67418c7feb03d70c2cf67772272568e969b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:23:35 GMT
via: cache2.l2de2[0,0,304-0,H], cache5.l2de2[1,0], cache1.de3[8,7,200-0,H], cache1.de3[10,0]
x-content-type-options: nosniff
age: 113
x-cache: HIT TCP_REFRESH_HIT dirn:13:679672684
x-swift-cachetime: 7
x-swift-savetime: Tue, 11 Jan 2022 16:25:28 GMT
content-length: 128
x-xss-protection: 1; mode=block
server: Tengine
etag: "60e41957-80"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641918215
content-type: text/css; charset=utf-8
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183284831769e
expires: Tue, 11 Jan 2022 16:28:35 GMT

GET
H2 200 styles.min.css
hd.stheadline.com/css/ 73 KB
21 KB 222ms
221ms Stylesheet
text/css 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://hd.stheadline.com/css/styles.min.css

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

99b0a08741d954d18b3b9072f4e9695f7f2ac9531d816024c09ebb572dad8e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:28 GMT
via: cache25.l2de2[188,188,304-0,M], cache14.l2de2[189,0], cache3.de3[196,195,200-0,H], cache1.de3[198,0]
x-content-type-options: nosniff
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:13:316187257
x-swift-cachetime: 120
x-swift-savetime: Tue, 11 Jan 2022 16:25:28 GMT
content-encoding: gzip
content-length: 21059
x-xss-protection: 1; mode=block
server: Tengine
x-frame-options: SAMEORIGIN
etag: "61d51a8f-122ae"
vary: Accept-Encoding
ali-swift-global-savetime: 1641918328
content-type: text/css; charset=utf-8
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183284841772e
expires: Tue, 11 Jan 2022 16:30:28 GMT

GET
H2 200 styles_ad.css
hd.stheadline.com/css/ 13 KB
3 KB 33ms
32ms Stylesheet
text/css 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://hd.stheadline.com/css/styles_ad.css

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

1bb82209b8ba4f1d8b24bff8adfe15a57eb8498f96e64e949e3d9480626d857d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:24:59 GMT
via: cache18.l2de2[0,0,304-0,H], cache3.l2de2[1,0], cache12.de3[9,8,200-0,H], cache1.de3[11,0]
x-content-type-options: nosniff
age: 29
x-cache: HIT TCP_REFRESH_HIT dirn:13:430844350
x-swift-cachetime: 91
x-swift-savetime: Tue, 11 Jan 2022 16:25:28 GMT
content-encoding: gzip
content-length: 2687
x-xss-protection: 1; mode=block
server: Tengine
x-frame-options: SAMEORIGIN
etag: "61dba657-3503"
vary: Accept-Encoding
ali-swift-global-savetime: 1641918299
content-type: text/css; charset=utf-8
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183284841776e
expires: Tue, 11 Jan 2022 16:29:59 GMT

GET
H2 200 live.css
hd.stheadline.com/css/ 6 KB
2 KB 32ms
31ms Stylesheet
text/css 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://hd.stheadline.com/css/live.css

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

3f2bbe6213127eaffa122d79877cd7453158fd8af7f0fb81545d159d211f90be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:24:14 GMT
via: cache22.l2de2[0,0,304-0,H], cache5.l2de2[1,0], cache13.de3[8,7,200-0,H], cache1.de3[10,0]
x-content-type-options: nosniff
age: 74
x-cache: HIT TCP_REFRESH_HIT dirn:12:48070666
x-swift-cachetime: 46
x-swift-savetime: Tue, 11 Jan 2022 16:25:28 GMT
content-encoding: gzip
content-length: 2093
x-xss-protection: 1; mode=block
server: Tengine
x-frame-options: SAMEORIGIN
etag: "61c134ac-1602"
vary: Accept-Encoding
ali-swift-global-savetime: 1641918254
content-type: text/css; charset=utf-8
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183284841777e
expires: Tue, 11 Jan 2022 16:29:14 GMT

GET
H2 200 icover.css
hd.stheadline.com/css/ 2 KB
1 KB 224ms
223ms Stylesheet
text/css 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://hd.stheadline.com/css/icover.css

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

cc544058a74b8854d1a04a48c60f52c76190c31daeb8f3a3df0af0be18930ea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:28 GMT
via: cache12.l2de2[188,187,304-0,M], cache22.l2de2[189,0], cache3.de3[199,198,200-0,H], cache1.de3[202,0]
x-content-type-options: nosniff
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:12:317036630
x-swift-cachetime: 120
x-swift-savetime: Tue, 11 Jan 2022 16:25:28 GMT
content-encoding: gzip
content-length: 761
x-xss-protection: 1; mode=block
server: Tengine
x-frame-options: SAMEORIGIN
etag: "59029f05-911"
vary: Accept-Encoding
ali-swift-global-savetime: 1641918328
content-type: text/css; charset=utf-8
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183284841778e
expires: Tue, 11 Jan 2022 16:30:28 GMT

GET
H2 200 btn_click_comscore.js Show response
hd.stheadline.com/js/_adv/ 1 KB
1 KB 222ms
221ms Script
application/javascript 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://hd.stheadline.com/js/_adv/btn_click_comscore.js

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

8b80962407aedcf612e64d21fcf7883e2cd0803d1d63b2ccde3b66dbfe2d9198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:28 GMT
via: cache23.l2de2[186,186,304-0,M], cache2.l2de2[187,0], cache7.de3[195,195,200-0,H], cache1.de3[199,0]
x-content-type-options: nosniff
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:12:610116104
x-swift-cachetime: 120
x-swift-savetime: Tue, 11 Jan 2022 16:25:28 GMT
content-encoding: gzip
content-length: 847
x-xss-protection: 1; mode=block
server: Tengine
x-frame-options: SAMEORIGIN
etag: "5ade8d09-486"
vary: Accept-Encoding
ali-swift-global-savetime: 1641918328
content-type: application/javascript; charset=utf-8
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183284841779e
expires: Tue, 11 Jan 2022 16:30:28 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 399ms
44ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2925dd157f5d88937d72985a22604c28692380777b45aaf9723fef3e75af5902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26866
x-xss-protection: 0
server: sffe
etag: "1098 / 76 of 1000 / last-modified: 1641893998"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 11 Jan 2022 16:25:29 GMT

GET
H2 200 dfp.min.js Show response
hd.stheadline.com/js/_adv/ 42 KB
9 KB 223ms
222ms Script
application/javascript 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://hd.stheadline.com/js/_adv/dfp.min.js

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

027256074e32660039674020bd0c3c753f54ef183735836c5826196acd059e91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:28 GMT
via: cache21.l2de2[189,189,304-0,M], cache5.l2de2[190,0], cache1.de3[197,197,200-0,H], cache1.de3[202,0]
x-content-type-options: nosniff
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:12:682732243
x-swift-cachetime: 120
x-swift-savetime: Tue, 11 Jan 2022 16:25:28 GMT
content-encoding: gzip
content-length: 8472
x-xss-protection: 1; mode=block
server: Tengine
x-frame-options: SAMEORIGIN
etag: "5c861930-a7c4"
vary: Accept-Encoding
ali-swift-global-savetime: 1641918328
content-type: application/javascript; charset=utf-8
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183284841783e
expires: Tue, 11 Jan 2022 16:30:28 GMT

GET
H2 200 hotmobtag_min.js Show response
code.hot-mob.com/api/javascript/sdk4/ 88 KB
22 KB 382ms
29ms Script
application/javascript 2606:4700:3035::6815:524
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.hot-mob.com/api/javascript/sdk4/hotmobtag_min.js
Requested by: Host: hd.stheadline.com
URL: https://hd.stheadline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:524 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff7c9fc2bb9dad4d4ca05813b52faa7082080361873e31e3baeb4c87ee9d7359

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=CEDmPg==, md5=Y27iBWP+m9pao5/jD9Hyig==
date: Tue, 11 Jan 2022 16:25:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 720928
x-guploader-uploadid: ADPycduK6LIBcP3sScgTz4-PZL8JIJg03aO9s9TRZ9wG4PdOawNATdJBxllP1GW71ayL9iBTZ-pL9i4V60Z3ZDq_01iFj3BrAg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 03:02:59 GMT
server: cloudflare
etag: W/"636ee20563fe9bda5aa39fe30fd1f28a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTinQQiKZYDbKGcRJyamWm0FbhC7acgQTm4TpS9JmSVOKtGUQFZW2PDlq0EP9d3X0FDHug5BixtFm2AhG9MBPnz9ozh70IdJZQJAF4LljGeul9DOYtzIg8ZQdLmrTQkh1Ui3GS7z28TeNcw%2BWis3"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1637636579048150
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 20477
cf-ray: 6cbf80598bb04e14-FRA
expires: Mon, 03 Jan 2022 09:10:01 GMT

GET
H2 200 hotmob.min.js Show response
hd.stheadline.com/js/_adv/ 749 B
642 B 49ms
24ms Script
application/javascript 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://hd.stheadline.com/js/_adv/hotmob.min.js

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

85ae46b458763371a5d19e575242cb3e804cb04de00f4070cb73c8ce00a68f69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:23:35 GMT
via: cache6.l2de2[0,0,304-0,H], cache5.l2de2[1,0], cache1.de3[2,2,200-0,H], cache1.de3[4,0]
x-content-type-options: nosniff
age: 114
x-cache: HIT TCP_REFRESH_HIT dirn:12:682084412
x-swift-cachetime: 6
x-swift-savetime: Tue, 11 Jan 2022 16:25:29 GMT
content-encoding: gzip
content-length: 388
x-xss-protection: 1; mode=block
server: Tengine
x-frame-options: SAMEORIGIN
etag: "580f2841-2ed"
vary: Accept-Encoding
ali-swift-global-savetime: 1641918215
content-type: application/javascript; charset=utf-8
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183295234021e
expires: Tue, 11 Jan 2022 16:28:35 GMT

GET
H2 200 purecookie.css
hd.stheadline.com/js/ 3 KB
1 KB 35ms
35ms Stylesheet
text/css 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://hd.stheadline.com/js/purecookie.css

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

23b7cb4de2bf2722c92209cc7d8d260daadd70f7c2e570a6d2ad668159098bf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:24:13 GMT
via: cache23.l2de2[0,0,304-0,H], cache12.l2de2[0,0], cache8.de3[9,9,200-0,H], cache1.de3[10,0]
x-content-type-options: nosniff
age: 75
x-cache: HIT TCP_REFRESH_HIT dirn:13:237301998
x-swift-cachetime: 45
x-swift-savetime: Tue, 11 Jan 2022 16:25:28 GMT
content-encoding: gzip
content-length: 1108
x-xss-protection: 1; mode=block
server: Tengine
x-frame-options: SAMEORIGIN
etag: "60d5b630-a0e"
vary: Accept-Encoding
ali-swift-global-savetime: 1641918253
content-type: text/css; charset=utf-8
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183284881789e
expires: Tue, 11 Jan 2022 16:29:13 GMT

GET
H2 200 purecookie.js Show response
hd.stheadline.com/js/ 3 KB
2 KB 248ms
224ms Script
application/javascript 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://hd.stheadline.com/js/purecookie.js

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

7538d006ee781d6a7f6030912d2cf79f8f88bafcc47ac3eef81cab83c210cf4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:29 GMT
via: cache11.l2de2[187,187,304-0,M], cache23.l2de2[189,0], cache7.de3[201,201,200-0,H], cache1.de3[203,0]
x-content-type-options: nosniff
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:13:611917859
x-swift-cachetime: 120
x-swift-savetime: Tue, 11 Jan 2022 16:25:29 GMT
content-encoding: gzip
content-length: 1510
x-xss-protection: 1; mode=block
server: Tengine
x-frame-options: SAMEORIGIN
etag: "61263303-bde"
vary: Accept-Encoding
ali-swift-global-savetime: 1641918329
content-type: application/javascript; charset=utf-8
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183295234023e
expires: Tue, 11 Jan 2022 16:30:29 GMT

GET
H2 200 sthl_app_icon.png
hd.stheadline.com/images/ 10 KB
10 KB 245ms
221ms Image
image/png 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd.stheadline.com/images/sthl_app_icon.png

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

27f7979d487134c6c3483a6806806956fc893bed2c53f8c515a11547e916b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:29 GMT
via: cache21.l2de2[189,189,304-0,M], cache5.l2de2[190,0], cache1.de3[194,194,200-0,H], cache1.de3[197,0]
x-content-type-options: nosniff
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:12:653308193
x-swift-cachetime: 120
x-swift-savetime: Tue, 11 Jan 2022 16:25:29 GMT
content-length: 10430
x-xss-protection: 1; mode=block
server: Tengine
etag: "61ccff80-28be"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641918329
content-type: image/png
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183295234026e
expires: Tue, 11 Jan 2022 16:30:29 GMT

GET
H2 200 sthl_app_qrcode.png
hd.stheadline.com/images/ 3 KB
4 KB 245ms
222ms Image
image/png 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd.stheadline.com/images/sthl_app_qrcode.png

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

9b1f8fab82b18bd152cbf6c7519328a951c56627685c98560000ea1ecafb5b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:29 GMT
via: cache2.l2de2[187,186,304-0,M], cache6.l2de2[188,0], cache5.de3[195,196,200-0,H], cache1.de3[199,0]
x-content-type-options: nosniff
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:12:819576290
x-swift-cachetime: 120
x-swift-savetime: Tue, 11 Jan 2022 16:25:29 GMT
content-length: 3462
x-xss-protection: 1; mode=block
server: Tengine
etag: "61ccff90-d86"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641918329
content-type: image/png
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183295234029e
expires: Tue, 11 Jan 2022 16:30:29 GMT

GET
H2 200 hlhd_app_icon.png
hd.stheadline.com/images/ 178 KB
179 KB 46ms
25ms Image
image/png 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd.stheadline.com/images/hlhd_app_icon.png

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

32a88002f35eff5e93c02eed223dfea38e568f21d1c1a699cd63be40df7db3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:23:40 GMT
via: cache5.l2de2[0,0,304-0,H], cache12.l2de2[0,0], cache8.de3[3,2,200-0,H], cache1.de3[7,0]
x-content-type-options: nosniff
age: 110
x-cache: HIT TCP_REFRESH_HIT dirn:12:825342509
x-swift-cachetime: 10
x-swift-savetime: Tue, 11 Jan 2022 16:25:29 GMT
content-length: 182534
x-xss-protection: 1; mode=block
server: Tengine
etag: "61d2a075-2c906"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641918219
content-type: image/png
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183295234032e
expires: Tue, 11 Jan 2022 16:28:40 GMT

GET
H2 200 hlhd_app_qrcode.png
hd.stheadline.com/images/ 3 KB
4 KB 67ms
48ms Image
image/png 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd.stheadline.com/images/hlhd_app_qrcode.png

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

c87163b3de163637fc724ddcdc96e71d400670e244fd6b04bb4a6a59ea82285f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:23:35 GMT
via: cache11.l2de2[0,0,304-0,H], cache20.l2de2[1,0], cache1.de3[9,8,200-0,H], cache1.de3[14,0]
x-content-type-options: nosniff
age: 114
x-cache: HIT TCP_REFRESH_HIT dirn:12:653310531
x-swift-cachetime: 6
x-swift-savetime: Tue, 11 Jan 2022 16:25:29 GMT
content-length: 3415
x-xss-protection: 1; mode=block
server: Tengine
etag: "61ccffe4-d57"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641918215
content-type: image/png
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183295234035e
expires: Tue, 11 Jan 2022 16:28:35 GMT

GET
H2 200 _2022011123261388867_popup.jpg
image.stheadline.com/f/244r118/0x0/100/hd/a2b8fc8ba0e5909d6d8f80d6306e23ac/stheadline/inewsmedia/20220111/ 13 KB
13 KB 152ms
26ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/244r118/0x0/100/hd/a2b8fc8ba0e5909d6d8f80d6306e23ac/stheadline/inewsmedia/20220111/_2022011123261388867_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

7c118c45be0d1cf8017e19865dbde4e5b391406d492fd50b11fd7b5ef480e40f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:29:24 GMT
via: cache2.l2de2[0,0,200-0,H], cache7.l2de2[1,0], cache8.de3[0,0,200-0,H], cache1.de3[6,0]
x-content-type-options: nosniff
age: 3364
x-cache: HIT TCP_MEM_HIT dirn:12:846842735
x-cnection: close
x-swift-cachetime: 85715
x-swift-savetime: Tue, 11 Jan 2022 15:40:50 GMT
content-length: 12896
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 15:29:24 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641914965
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183296304292e
expires: Tue, 18 Jan 2022 15:29:24 GMT

GET
H2 200 _2022011123261388867_popup.jpg
image.stheadline.com/f/154r100/0x0/100/hd/b038ffa757ad349c4ba3f8088437e79d/stheadline/inewsmedia/20220111/ 9 KB
10 KB 149ms
23ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/154r100/0x0/100/hd/b038ffa757ad349c4ba3f8088437e79d/stheadline/inewsmedia/20220111/_2022011123261388867_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

62c3e26df9015294db7f353d39478a0eb0c5c4c21185bad2a144f7dd5c9c2ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:29:25 GMT
via: cache16.l2de2[0,0,200-0,H], cache11.l2de2[1,0], cache12.de3[0,0,200-0,H], cache1.de3[2,0]
x-content-type-options: nosniff
age: 3363
x-cache: HIT TCP_MEM_HIT dirn:13:425564187
x-cnection: close
x-swift-cachetime: 85716
x-swift-savetime: Tue, 11 Jan 2022 15:40:50 GMT
content-length: 9583
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 15:29:25 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641914966
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183296334295e
expires: Tue, 18 Jan 2022 15:29:25 GMT

GET
H2 200 _2022011123032624266_popup.jpg
image.stheadline.com/f/244r118/0x0/100/hd/33cc860b195020195954f92aec3d0c7b/stheadline/inewsmedia/20220111/ 10 KB
10 KB 149ms
23ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/244r118/0x0/100/hd/33cc860b195020195954f92aec3d0c7b/stheadline/inewsmedia/20220111/_2022011123032624266_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

fdee9ecced6eca08dd7ca8ed87bac891ed26b3da05ea3a13a4a5516fc3e7df9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:20:26 GMT
via: cache20.l2de2[0,0,200-0,H], cache8.l2de2[1,0], cache1.de3[0,0,200-0,H], cache1.de3[2,0]
x-content-type-options: nosniff
age: 3902
x-cache: HIT TCP_MEM_HIT dirn:13:674088273
x-cnection: close
x-swift-cachetime: 85177
x-swift-savetime: Tue, 11 Jan 2022 15:40:50 GMT
content-length: 10455
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 15:20:26 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641914427
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183296334296e
expires: Tue, 18 Jan 2022 15:20:26 GMT

GET
H2 200 _2022011123032624266_popup.jpg
image.stheadline.com/f/154r100/0x0/100/hd/7c52067cb5c85e91f8022dc76e4881a4/stheadline/inewsmedia/20220111/ 9 KB
10 KB 150ms
25ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/154r100/0x0/100/hd/7c52067cb5c85e91f8022dc76e4881a4/stheadline/inewsmedia/20220111/_2022011123032624266_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

3b4ace8ea941028012e2cfb52be5c4c79a2cfc8d105d14c78f90408e45cd39f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:20:27 GMT
via: cache10.l2de2[0,0,200-0,H], cache21.l2de2[1,0], cache14.de3[0,0,200-0,H], cache1.de3[2,0]
x-content-type-options: nosniff
age: 3901
x-cache: HIT TCP_MEM_HIT dirn:12:676710463
x-cnection: close
x-swift-cachetime: 85179
x-swift-savetime: Tue, 11 Jan 2022 15:40:49 GMT
content-length: 9515
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 15:20:27 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641914428
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183296334300e
expires: Tue, 18 Jan 2022 15:20:27 GMT

GET
H2 200 _2022011121295398406_popup.jpg
image.stheadline.com/f/244r118/0x0/100/hd/9eb5cd75e6399a1de4e504a1860826ac/stheadline/inewsmedia/20220111/ 20 KB
20 KB 147ms
21ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/244r118/0x0/100/hd/9eb5cd75e6399a1de4e504a1860826ac/stheadline/inewsmedia/20220111/_2022011121295398406_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

8b1f03b77cbd66e5f1fa9f3f153c80c53938441d5de1a563ee9585f0bf3eb554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 13:31:18 GMT
via: cache11.l2de2[0,0,200-0,H], cache15.l2de2[1,0], cache2.de3[0,0,200-0,H], cache1.de3[3,0]
x-content-type-options: nosniff
age: 10450
x-cache: HIT TCP_MEM_HIT dirn:13:908001630
x-cnection: close
x-swift-cachetime: 84258
x-swift-savetime: Tue, 11 Jan 2022 14:07:01 GMT
content-length: 20097
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 13:31:18 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641907879
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183296304285e
expires: Tue, 18 Jan 2022 13:31:18 GMT

GET
H2 200 _2022011121295398406_popup.jpg
image.stheadline.com/f/154r100/0x0/100/hd/07e64cbd18fa07774fba0fca2ad164a7/stheadline/inewsmedia/20220111/ 12 KB
12 KB 147ms
22ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/154r100/0x0/100/hd/07e64cbd18fa07774fba0fca2ad164a7/stheadline/inewsmedia/20220111/_2022011121295398406_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

09f374891132dde719289e5664b2e6b6b99970ff59cf5a80f10dfb0e0b40b385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 13:31:19 GMT
via: cache1.l2de2[0,0,200-0,H], cache9.l2de2[1,0], cache8.de3[0,0,200-0,H], cache1.de3[3,0]
x-content-type-options: nosniff
age: 10450
x-cache: HIT TCP_MEM_HIT dirn:13:193394748
x-cnection: close
x-swift-cachetime: 84258
x-swift-savetime: Tue, 11 Jan 2022 14:07:01 GMT
content-length: 12489
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 13:31:19 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641907879
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183296304289e
expires: Tue, 18 Jan 2022 13:31:19 GMT

GET
H2 200 _2022011118062979851_popup.jpg
image.stheadline.com/f/244r118/0x0/100/hd/41208e3f8567aa4f054fe97e0eafb6f8/stheadline/inewsmedia/20220111/ 15 KB
15 KB 31ms
27ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/244r118/0x0/100/hd/41208e3f8567aa4f054fe97e0eafb6f8/stheadline/inewsmedia/20220111/_2022011118062979851_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

82fe6c4cfd96cd8690139c82c535eb9832ae54d3735d7c881c2725fb83767a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 13:31:19 GMT
via: cache1.l2de2[0,0,200-0,H], cache13.l2de2[1,0], cache5.de3[0,0,200-0,H], cache1.de3[5,0]
x-content-type-options: nosniff
age: 10449
x-cache: HIT TCP_MEM_HIT dirn:13:801523772
x-cnection: close
x-swift-cachetime: 84259
x-swift-savetime: Tue, 11 Jan 2022 14:07:01 GMT
content-length: 15538
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 13:31:19 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641907880
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183296634361e
expires: Tue, 18 Jan 2022 13:31:19 GMT

GET
H2 200 _2022011118062979851_popup.jpg
image.stheadline.com/f/154r100/0x0/100/hd/7308c272aa75594b27d45e34d70e0d15/stheadline/inewsmedia/20220111/ 10 KB
10 KB 31ms
28ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/154r100/0x0/100/hd/7308c272aa75594b27d45e34d70e0d15/stheadline/inewsmedia/20220111/_2022011118062979851_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

5b0dd2d5bbc8c608d27ec2d725c1999164e5a2a0c3dbd7bad73d0e15a3decbdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 13:31:20 GMT
via: cache17.l2de2[0,0,200-0,H], cache12.l2de2[0,0], cache5.de3[0,0,200-0,H], cache1.de3[5,0]
x-content-type-options: nosniff
age: 10449
x-cache: HIT TCP_MEM_HIT dirn:12:802363929
x-cnection: close
x-swift-cachetime: 84259
x-swift-savetime: Tue, 11 Jan 2022 14:07:01 GMT
content-length: 10138
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 13:31:20 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641907880
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183296634363e
expires: Tue, 18 Jan 2022 13:31:20 GMT

GET
H2 200 _2022011123261388867_popup.jpg
image.stheadline.com/f/640r400/0x0/100/hd/ae628bc50846592ccf42bc6224233ed8/stheadline/inewsmedia/20220111/ 56 KB
56 KB 31ms
28ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/640r400/0x0/100/hd/ae628bc50846592ccf42bc6224233ed8/stheadline/inewsmedia/20220111/_2022011123261388867_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

b2c37139664ae4fc1b35a05d56ed4e486476c687581b191f19db7823689ebbbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:29:25 GMT
via: cache25.l2de2[0,0,200-0,H], cache18.l2de2[0,0], cache3.de3[0,0,200-0,H], cache1.de3[5,0]
x-content-type-options: nosniff
age: 3363
x-cache: HIT TCP_MEM_HIT dirn:13:311709178
x-cnection: close
x-swift-cachetime: 85716
x-swift-savetime: Tue, 11 Jan 2022 15:40:50 GMT
content-length: 56907
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 15:29:25 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641914966
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183296634364e
expires: Tue, 18 Jan 2022 15:29:25 GMT

GET
H2 200 _2022011123032624266_popup.jpg
image.stheadline.com/f/640r400/0x0/100/hd/bc94ce650ae38ad6c2f4fa37594d0df4/stheadline/inewsmedia/20220111/ 53 KB
54 KB 34ms
31ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/640r400/0x0/100/hd/bc94ce650ae38ad6c2f4fa37594d0df4/stheadline/inewsmedia/20220111/_2022011123032624266_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

52d9066f67b408e6107068287a73c28927a0b36aa84a3248361b0437cd1990b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:20:28 GMT
via: cache23.l2de2[0,0,200-0,H], cache11.l2de2[1,0], cache12.de3[0,0,200-0,H], cache1.de3[5,0]
x-content-type-options: nosniff
age: 3901
x-cache: HIT TCP_MEM_HIT dirn:12:426596442
x-cnection: close
x-swift-cachetime: 85178
x-swift-savetime: Tue, 11 Jan 2022 15:40:50 GMT
content-length: 54733
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 15:20:28 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641914428
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183296634365e
expires: Tue, 18 Jan 2022 15:20:28 GMT

GET
H2 200 _2022011121295398406_popup.jpg
image.stheadline.com/f/640r400/0x0/100/hd/efbce2fb80f210bbbfb02ce05425b55d/stheadline/inewsmedia/20220111/ 69 KB
69 KB 33ms
32ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/640r400/0x0/100/hd/efbce2fb80f210bbbfb02ce05425b55d/stheadline/inewsmedia/20220111/_2022011121295398406_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

0400dd02ed2f7ea80356122526b08cd158e504f528ac15a91156bc8858312fb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 13:31:17 GMT
via: cache3.l2de2[0,0,200-0,H], cache22.l2de2[1,0], cache10.de3[0,0,200-0,H], cache1.de3[5,0]
x-content-type-options: nosniff
age: 10451
x-cache: HIT TCP_MEM_HIT dirn:12:594297664
x-cnection: close
x-swift-cachetime: 84257
x-swift-savetime: Tue, 11 Jan 2022 14:07:01 GMT
content-length: 70335
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 13:31:17 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641907878
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183296634366e
expires: Tue, 18 Jan 2022 13:31:17 GMT

GET
H2 200 _2022011118062979851_popup.jpg
image.stheadline.com/f/640r400/0x0/100/hd/71f643869d95468af220a13d9c455c2f/stheadline/inewsmedia/20220111/ 58 KB
58 KB 34ms
33ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/640r400/0x0/100/hd/71f643869d95468af220a13d9c455c2f/stheadline/inewsmedia/20220111/_2022011118062979851_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

74c50229639f651a115f1a6e572a0a0f7bbd8c506aa97df59a9fad84183dc8b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 13:31:19 GMT
via: cache20.l2de2[0,0,200-0,H], cache15.l2de2[1,0], cache3.de3[0,0,200-0,H], cache1.de3[5,0]
x-content-type-options: nosniff
age: 10449
x-cache: HIT TCP_MEM_HIT dirn:13:275052839
x-cnection: close
x-swift-cachetime: 84259
x-swift-savetime: Tue, 11 Jan 2022 14:07:01 GMT
content-length: 59061
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 13:31:19 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641907880
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183296634371e
expires: Tue, 18 Jan 2022 13:31:19 GMT

GET
H/1.1 200
OK wrightlife_300x100_20220108.gif
static.stheadline.com/stheadline/adbanner/housead/ 41 KB
42 KB 586ms
192ms Image
image/gif 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/adbanner/housead/wrightlife_300x100_20220108.gif

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

04e62b706f7326a57bf0ef734fa7c35f7542f379e777835f550ea2d8a30b2544

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
X-Content-Type-Options: nosniff
ETag: "61d7ee3e-a5d2"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 42450
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:31 GMT

GET
H/1.1 200
OK campaignsiteentry_300x100_20220103.gif
static.stheadline.com/stheadline/adbanner/housead/ 30 KB
31 KB 775ms
192ms Image
image/gif 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/adbanner/housead/campaignsiteentry_300x100_20220103.gif

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

60cc29bdfc1c88b9ed4d13cf3ff332b8f770fe66ce996c464640535cad86bdf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
X-Content-Type-Options: nosniff
ETag: "61cd6a59-79fc"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 31228
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:31 GMT

GET
H/1.1 200
OK JNC_300x100_20220110.gif
static.stheadline.com/stheadline/adbanner/housead/ 129 KB
130 KB 595ms
203ms Image
image/gif 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/adbanner/housead/JNC_300x100_20220110.gif

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

dbe46c496bf7035369bce1b4e6aa6fbe02f54bc7f81be5b366fcc97e0081fd86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
X-Content-Type-Options: nosniff
ETag: "61dba1b7-20431"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 132145
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:31 GMT

GET
H/1.1 200
OK hizero_300x100_20211231.gif
static.stheadline.com/stheadline/adbanner/housead/ 49 KB
49 KB 684ms
192ms Image
image/gif 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/adbanner/housead/hizero_300x100_20211231.gif

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

f476480e72f758e8c713cb85dd68b6f3922b32866f31e1d22cf924608ffa8ed1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
X-Content-Type-Options: nosniff
ETag: "61cebb88-c240"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 49728
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:31 GMT

GET
H/1.1 200
OK sthlsuperapp_300x250_20220103.gif
static.stheadline.com/stheadline/adbanner/housead/ 75 KB
75 KB 339ms
189ms Image
image/gif 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/adbanner/housead/sthlsuperapp_300x250_20220103.gif

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

0399b3714b972cabf60a8df2a5209a23b83a4c24cf6e130e12bea39388545606

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
X-Content-Type-Options: nosniff
ETag: "61cd6a59-12a7a"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 76410
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:31 GMT

GET
H2 200 _2022011120464229854_popup.jpg
image.stheadline.com/f/442r276/0x0/100/hd/fd38a1912356a3b794e71f537d52c5d5/stheadline/inewsmedia/20220111/ 54 KB
55 KB 30ms
27ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/442r276/0x0/100/hd/fd38a1912356a3b794e71f537d52c5d5/stheadline/inewsmedia/20220111/_2022011120464229854_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

ed5169dd88d3f869771eeaaa2e171560f6513736e771f033e6950a4e3ff32407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 14:06:56 GMT
via: cache6.l2de2[0,0,200-0,H], cache13.l2de2[0,0], cache8.de3[0,0,200-0,H], cache1.de3[4,0]
x-content-type-options: nosniff
age: 8312
x-cache: HIT TCP_MEM_HIT dirn:12:811515466
x-cnection: close
x-swift-cachetime: 85871
x-swift-savetime: Tue, 11 Jan 2022 14:15:46 GMT
content-length: 55578
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 14:06:56 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641910017
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183296944447e
expires: Tue, 18 Jan 2022 14:06:56 GMT

GET
H2 200 _2022011123103327956_popup.jpg
image.stheadline.com/f/442r276/0x0/100/none/292e525ac6b260ceb10be3b88d4a29c2/stheadline/inewsmedia/20220111/ 41 KB
41 KB 27ms
24ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/442r276/0x0/100/none/292e525ac6b260ceb10be3b88d4a29c2/stheadline/inewsmedia/20220111/_2022011123103327956_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

6c5038025e687a4e9656aee6b9019d6452dc4f89069d40f8c854f61f2dc2a954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:13:30 GMT
via: cache5.l2de2[0,0,200-0,H], cache18.l2de2[1,0], cache3.de3[0,0,200-0,H], cache1.de3[3,0]
x-content-type-options: nosniff
age: 4318
x-cache: HIT TCP_MEM_HIT dirn:12:312555539
x-cnection: close
x-swift-cachetime: 84761
x-swift-savetime: Tue, 11 Jan 2022 15:40:50 GMT
content-length: 41595
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 15:13:30 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641914011
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183296954449e
expires: Tue, 18 Jan 2022 15:13:30 GMT

GET
H2 200 _2022011119555773692_popup.jpg
image.stheadline.com/f/442r276/0x0/100/hd/34f693dafe0245ac4a52fc632c856863/stheadline/inewsmedia/20220111/ 51 KB
51 KB 27ms
25ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/442r276/0x0/100/hd/34f693dafe0245ac4a52fc632c856863/stheadline/inewsmedia/20220111/_2022011119555773692_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

1a24cf98a6a928d977c514fa6e2064c8bd4b22e323937715dfcde71bb203106b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 12:41:00 GMT
via: cache15.l2de2[0,0,200-0,H], cache11.l2de2[1,0], cache6.de3[0,0,200-0,H], cache1.de3[2,0]
x-content-type-options: nosniff
age: 13469
x-cache: HIT TCP_MEM_HIT dirn:12:201075865
x-cnection: close
x-swift-cachetime: 86165
x-swift-savetime: Tue, 11 Jan 2022 12:44:55 GMT
content-length: 51767
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 12:41:00 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641904860
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183296964452e
expires: Tue, 18 Jan 2022 12:41:00 GMT

GET
H2 200 _2022011121043221836_popup.jpg
image.stheadline.com/f/442r276/0x0/100/hd/9e37986ea75c6dc063e7598b2ef2e3f3/stheadline/inewsmedia/20220111/ 30 KB
30 KB 28ms
27ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/442r276/0x0/100/hd/9e37986ea75c6dc063e7598b2ef2e3f3/stheadline/inewsmedia/20220111/_2022011121043221836_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

18890b593c986c4c9638803cd5dd002541c2be7f2ad55c5ca654a37852f3e22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 13:06:58 GMT
via: cache8.l2de2[0,0,200-0,H], cache17.l2de2[1,0], cache9.de3[0,0,200-0,H], cache1.de3[3,0]
x-content-type-options: nosniff
age: 11911
x-cache: HIT TCP_MEM_HIT dirn:12:368785253
x-cnection: close
x-swift-cachetime: 86244
x-swift-savetime: Tue, 11 Jan 2022 13:09:34 GMT
content-length: 30624
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 13:06:58 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641906418
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183296984457e
expires: Tue, 18 Jan 2022 13:06:58 GMT

GET
H2 200 _2022011116355261352_popup.jpg
image.stheadline.com/f/442r276/0x0/100/none/e1aad1852d4c25b5f562f9127cfedc5b/stheadline/inewsmedia/20220111/ 39 KB
39 KB 27ms
26ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/442r276/0x0/100/none/e1aad1852d4c25b5f562f9127cfedc5b/stheadline/inewsmedia/20220111/_2022011116355261352_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

e5f039ac18a2b16081344ee6ec1f25625e15cfa30ff6221037903f6481d2e349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 08:41:01 GMT
via: cache10.l2de2[0,0,200-0,H], cache8.l2de2[0,0], cache4.de3[0,0,200-0,H], cache1.de3[2,0]
x-content-type-options: nosniff
age: 27867
x-cache: HIT TCP_MEM_HIT dirn:13:519987799
x-cnection: close
x-swift-cachetime: 85522
x-swift-savetime: Tue, 11 Jan 2022 08:55:40 GMT
content-length: 39685
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 08:41:01 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641890462
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183296984462e
expires: Tue, 18 Jan 2022 08:41:01 GMT

GET
H2 200 _2022011116182617515_popup.jpg
image.stheadline.com/f/442r276/0x0/100/none/8dd112f5ffbea0e6a6cd7f141f321be4/stheadline/inewsmedia/20220111/ 46 KB
46 KB 27ms
23ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/442r276/0x0/100/none/8dd112f5ffbea0e6a6cd7f141f321be4/stheadline/inewsmedia/20220111/_2022011116182617515_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

c65e0315c09b245b1086ff08283f7f7c1f1e94c91bcd92282200cd34f4474b29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 08:41:00 GMT
via: cache17.l2de2[0,0,200-0,H], cache20.l2de2[1,0], cache6.de3[0,0,200-0,H], cache1.de3[1,0]
x-content-type-options: nosniff
age: 27868
x-cache: HIT TCP_MEM_HIT dirn:13:121812592
x-cnection: close
x-swift-cachetime: 85521
x-swift-savetime: Tue, 11 Jan 2022 08:55:40 GMT
content-length: 47002
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 08:41:00 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641890461
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183297254530e
expires: Tue, 18 Jan 2022 08:41:00 GMT

GET
H2 200 _2022011118152379700_popup.jpg
image.stheadline.com/f/442r276/0x0/100/none/1b988e2ed4e4b6fb4f560506f7398d14/stheadline/inewsmedia/20220111/ 59 KB
59 KB 29ms
24ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/442r276/0x0/100/none/1b988e2ed4e4b6fb4f560506f7398d14/stheadline/inewsmedia/20220111/_2022011118152379700_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

47a11f8a0c3277ee7f855d1ee98d3b2e400d9741cdfb94efde8aeed086758d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 11:02:24 GMT
via: cache9.l2de2[0,0,200-0,H], cache19.l2de2[1,0], cache7.de3[0,0,200-0,H], cache1.de3[2,0]
x-content-type-options: nosniff
age: 19384
x-cache: HIT TCP_MEM_HIT dirn:13:505747003
x-cnection: close
x-swift-cachetime: 86097
x-swift-savetime: Tue, 11 Jan 2022 11:07:28 GMT
content-length: 60305
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 11:02:24 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641898945
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183297264540e
expires: Tue, 18 Jan 2022 11:02:24 GMT

GET
H/1.1 200
OK Img_110210_500_220111215218.jpg
res001.stheadline.com/vNews//2022/01/11/ 23 KB
23 KB 1045ms
191ms Image
image/jpeg 203.80.1.102
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res001.stheadline.com/vNews//2022/01/11/Img_110210_500_220111215218.jpg
Requested by: Host: hd.stheadline.com
URL: https://hd.stheadline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 203.80.1.102 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),
Reverse DNS
Software: nginx/1.2.6 /
Resource Hash: fc53299b463018e1eb579d372ef0bd2ed8e090c5a2c175e5af29ef9d15c094c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:30 GMT
Last-Modified: Tue, 11 Jan 2022 13:52:19 GMT
Server: nginx/1.2.6
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23080
Content-Type: image/jpeg

GET
H2 200 _2022011123392040646_popup.jpg
image.stheadline.com/f/81r65/0x0/100/hd/b0dab92e2dc1a31016e346633ca7f5cc/stheadline/inewsmedia/20220111/ 4 KB
4 KB 28ms
26ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/81r65/0x0/100/hd/b0dab92e2dc1a31016e346633ca7f5cc/stheadline/inewsmedia/20220111/_2022011123392040646_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

033184ef75890f2f9021b4a16b0e2fba7068b065e78fbc423a074e7eef86de25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:43:27 GMT
via: cache17.l2de2[0,0,200-0,H], cache3.l2de2[0,0], cache2.de3[0,0,200-0,H], cache1.de3[1,0]
x-content-type-options: nosniff
age: 2521
x-cache: HIT TCP_MEM_HIT dirn:13:32004372
x-cnection: close
x-swift-cachetime: 85030
x-swift-savetime: Tue, 11 Jan 2022 16:06:18 GMT
content-length: 4015
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 15:43:27 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641915808
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183297284542e
expires: Tue, 18 Jan 2022 15:43:27 GMT

GET
H2 200 _2022011119371661567_popup.jpg
image.stheadline.com/f/81r65/0x0/100/hd/2b2f30c20491a72ffdd3be43511ebee6/stheadline/inewsmedia/20220111/ 4 KB
5 KB 27ms
27ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/81r65/0x0/100/hd/2b2f30c20491a72ffdd3be43511ebee6/stheadline/inewsmedia/20220111/_2022011119371661567_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

a3e4124a5baa9fe5f4a378b0079f9a236bc46d2cef86bfea595b9567658e1c6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 11:42:38 GMT
via: cache2.l2de2[0,0,200-0,H], cache15.l2de2[1,0], cache10.de3[0,0,200-0,H], cache1.de3[2,0]
x-content-type-options: nosniff
age: 16970
x-cache: HIT TCP_MEM_HIT dirn:13:536626288
x-cnection: close
x-swift-cachetime: 85503
x-swift-savetime: Tue, 11 Jan 2022 11:57:36 GMT
content-length: 4505
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 11:42:38 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641901359
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183297284543e
expires: Tue, 18 Jan 2022 11:42:38 GMT

GET
H2 200 _2022011118304579615_popup.jpg
image.stheadline.com/f/81r65/0x0/100/hd/0dbc8925d7122c7cb190a3f420b738a3/stheadline/inewsmedia/20220111/ 4 KB
5 KB 24ms
21ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/81r65/0x0/100/hd/0dbc8925d7122c7cb190a3f420b738a3/stheadline/inewsmedia/20220111/_2022011118304579615_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

61dc28756317c72466f00a33f37d8f155d5c43fcfc7b7604199c807ec5688ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:34:17 GMT
via: cache1.l2de2[0,0,200-0,H], cache21.l2de2[3,0], cache3.de3[0,0,200-0,H], cache1.de3[1,0]
x-content-type-options: nosniff
age: 3071
x-cache: HIT TCP_MEM_HIT dirn:12:312558240
x-cnection: close
x-swift-cachetime: 86008
x-swift-savetime: Tue, 11 Jan 2022 15:40:50 GMT
content-length: 4378
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 15:34:17 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641915258
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183297554607e
expires: Tue, 18 Jan 2022 15:34:17 GMT

GET
H2 200 _2022011123111558920_popup.jpg
image.stheadline.com/f/81r65/0x0/100/none/3a2fdd2bb4bfd034caf0eca4ff6c8f02/stheadline/inewsmedia/20220111/ 4 KB
4 KB 26ms
23ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/81r65/0x0/100/none/3a2fdd2bb4bfd034caf0eca4ff6c8f02/stheadline/inewsmedia/20220111/_2022011123111558920_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

c4e53c7b968ffd0eff818eeafc11ef11c5ca0f222afd9f5992a1566c1d5655bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:13:30 GMT
via: cache16.l2de2[0,0,200-0,H], cache1.l2de2[1,0], cache5.de3[0,0,200-0,H], cache1.de3[1,0]
x-content-type-options: nosniff
age: 4318
x-cache: HIT TCP_MEM_HIT dirn:12:841425843
x-cnection: close
x-swift-cachetime: 84761
x-swift-savetime: Tue, 11 Jan 2022 15:40:50 GMT
content-length: 3821
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 15:13:30 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641914011
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183297584611e
expires: Tue, 18 Jan 2022 15:13:30 GMT

GET
H2 200 _2022011120554561717_popup.jpg
image.stheadline.com/f/81r65/0x0/100/none/3498d766050cc5ce11bb6d463ad79201/stheadline/inewsmedia/20220111/ 4 KB
4 KB 27ms
24ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/81r65/0x0/100/none/3498d766050cc5ce11bb6d463ad79201/stheadline/inewsmedia/20220111/_2022011120554561717_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

8a956840b7c5ce92d4dc97729b3c1118162bdd72aaa72ce9fe1294d2c02f7fb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:13:31 GMT
via: cache6.l2de2[0,0,200-0,H], cache4.l2de2[1,0], cache14.de3[0,0,200-0,H], cache1.de3[2,0]
x-content-type-options: nosniff
age: 4317
x-cache: HIT TCP_MEM_HIT dirn:12:676716841
x-cnection: close
x-swift-cachetime: 84762
x-swift-savetime: Tue, 11 Jan 2022 15:40:50 GMT
content-length: 4139
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 15:13:31 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641914012
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183297584613e
expires: Tue, 18 Jan 2022 15:13:31 GMT

GET
H2 200 _2022011123012175311_popup.jpg
image.stheadline.com/f/81r65/0x0/100/hd/5a9ba32f877e7b40474d80e435ed00be/stheadline/inewsmedia/20220111/ 5 KB
6 KB 27ms
25ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/81r65/0x0/100/hd/5a9ba32f877e7b40474d80e435ed00be/stheadline/inewsmedia/20220111/_2022011123012175311_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

9cda26c6ca123d48661a5f67c1f94f0a5382e5303a256c9b2eb22671c96fbec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:06:00 GMT
via: cache24.l2de2[0,0,200-0,H], cache15.l2de2[0,0], cache14.de3[0,0,200-0,H], cache1.de3[1,0]
x-content-type-options: nosniff
age: 4768
x-cache: HIT TCP_MEM_HIT dirn:12:659521361
x-cnection: close
x-swift-cachetime: 86378
x-swift-savetime: Tue, 11 Jan 2022 15:06:23 GMT
content-length: 5426
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 15:06:00 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641913561
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183297594614e
expires: Tue, 18 Jan 2022 15:06:00 GMT

GET
H2 200 _2022011121483127822_popup.jpg
image.stheadline.com/f/81r65/0x0/100/hd/0307c8afe2f979af7ceaf7661dfd9558/stheadline/inewsmedia/20220111/ 3 KB
3 KB 22ms
22ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/81r65/0x0/100/hd/0307c8afe2f979af7ceaf7661dfd9558/stheadline/inewsmedia/20220111/_2022011121483127822_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

7836045da7609ce521ded10d50662408fed85a90ba0c74e58700e0dfaf797989

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:06:00 GMT
via: cache19.l2de2[0,0,200-0,H], cache1.l2de2[0,0], cache6.de3[0,0,200-0,H], cache1.de3[1,0]
x-content-type-options: nosniff
age: 4768
x-cache: HIT TCP_MEM_HIT dirn:12:260222286
x-cnection: close
x-swift-cachetime: 86356
x-swift-savetime: Tue, 11 Jan 2022 15:06:45 GMT
content-length: 3186
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 15:06:00 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641913561
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183297774667e
expires: Tue, 18 Jan 2022 15:06:00 GMT

GET
H2 200 _2022011122501892629_popup.jpg
image.stheadline.com/f/81r65/0x0/100/hd/a77c1e079643989ebfdda21dc4d179c3/stheadline/inewsmedia/20220111/ 5 KB
5 KB 23ms
22ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/81r65/0x0/100/hd/a77c1e079643989ebfdda21dc4d179c3/stheadline/inewsmedia/20220111/_2022011122501892629_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

196d52414a28790ca0247529b9ea9ebce6ce43d16dee8e6df3ac6d1a13c66426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 14:52:44 GMT
via: cache4.l2de2[0,0,200-0,H], cache18.l2de2[1,0], cache10.de3[0,0,200-0,H], cache1.de3[1,0]
x-content-type-options: nosniff
age: 5564
x-cache: HIT TCP_MEM_HIT dirn:12:613668474
x-cnection: close
x-swift-cachetime: 86010
x-swift-savetime: Tue, 11 Jan 2022 14:59:15 GMT
content-length: 4740
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 14:52:44 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641912765
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183297834679e
expires: Tue, 18 Jan 2022 14:52:44 GMT

GET
H2 200 _2022011122493921945_popup.jpg
image.stheadline.com/f/81r65/0x0/100/hd/3eb633c253ef33a65e4cdc2bf1376ef6/stheadline/inewsmedia/20220111/ 4 KB
5 KB 24ms
23ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/81r65/0x0/100/hd/3eb633c253ef33a65e4cdc2bf1376ef6/stheadline/inewsmedia/20220111/_2022011122493921945_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

e8c854bdad569517f51ae5122afecd34e1cbad187ffb9ebbf0370b71ebb3dd81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 14:52:44 GMT
via: cache18.l2de2[0,0,200-0,H], cache15.l2de2[0,0], cache2.de3[0,0,200-0,H], cache1.de3[2,0]
x-content-type-options: nosniff
age: 5564
x-cache: HIT TCP_MEM_HIT dirn:12:933579821
x-cnection: close
x-swift-cachetime: 86010
x-swift-savetime: Tue, 11 Jan 2022 14:59:15 GMT
content-length: 4462
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 14:52:44 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641912765
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183297834682e
expires: Tue, 18 Jan 2022 14:52:44 GMT

GET
H2 200 _2022011122461519328_popup.jpg
image.stheadline.com/f/81r65/0x0/100/hd/c83881600b180f0a940dec65b96d2795/stheadline/inewsmedia/20220111/ 3 KB
3 KB 24ms
24ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/81r65/0x0/100/hd/c83881600b180f0a940dec65b96d2795/stheadline/inewsmedia/20220111/_2022011122461519328_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

8459366028c0a6c68351c1d0f41fe9a2fcf2fc401c3f90ab03e9917e887de475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 14:50:38 GMT
via: cache19.l2de2[0,0,200-0,H], cache23.l2de2[1,0], cache6.de3[0,0,200-0,H], cache1.de3[1,0]
x-content-type-options: nosniff
age: 5690
x-cache: HIT TCP_MEM_HIT dirn:13:262328393
x-cnection: close
x-swift-cachetime: 85884
x-swift-savetime: Tue, 11 Jan 2022 14:59:15 GMT
content-length: 3251
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 14:50:38 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641912639
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183297844684e
expires: Tue, 18 Jan 2022 14:50:38 GMT

GET
H2 200 _2022011122392145795_popup.jpg
image.stheadline.com/f/81r65/0x0/100/hd/b3b0bba957892416ae2857e662794b3d/stheadline/inewsmedia/20220111/ 5 KB
5 KB 22ms
22ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/81r65/0x0/100/hd/b3b0bba957892416ae2857e662794b3d/stheadline/inewsmedia/20220111/_2022011122392145795_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

7b2126a7c61d436b37107d519e20e43f2d6f08160dde84495d2359bf2f322c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 14:44:16 GMT
via: cache17.l2de2[0,0,200-0,H], cache18.l2de2[0,0], cache13.de3[0,0,200-0,H], cache1.de3[0,0]
x-content-type-options: nosniff
age: 6072
x-cache: HIT TCP_MEM_HIT dirn:12:43125247
x-cnection: close
x-swift-cachetime: 83007
x-swift-savetime: Tue, 11 Jan 2022 15:40:50 GMT
content-length: 4834
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 14:44:16 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641912257
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183298014731e
expires: Tue, 18 Jan 2022 14:44:16 GMT

GET
H2 200 _2022011118140129957_popup.jpg
image.stheadline.com/f/81r65/0x0/100/hd/cefff56aadbd7affdb8257c3b72b3394/stheadline/inewsmedia/20220111/ 5 KB
5 KB 24ms
23ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/81r65/0x0/100/hd/cefff56aadbd7affdb8257c3b72b3394/stheadline/inewsmedia/20220111/_2022011118140129957_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

74f46ac5adbd5095805e2d882ae04fdabcc2c3d108ac806470e1f052bd474f3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 14:34:58 GMT
via: cache14.l2de2[0,0,200-0,H], cache4.l2de2[0,0], cache1.de3[0,0,200-0,H], cache1.de3[2,0]
x-content-type-options: nosniff
age: 6630
x-cache: HIT TCP_MEM_HIT dirn:12:646798163
x-cnection: close
x-swift-cachetime: 86285
x-swift-savetime: Tue, 11 Jan 2022 14:36:54 GMT
content-length: 4750
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 14:34:58 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641911699
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183298084745e
expires: Tue, 18 Jan 2022 14:34:58 GMT

GET
H2 200 _2022011123032624266_popup.jpg
image.stheadline.com/f/81r65/0x0/100/hd/f5ac1e28bdf1ed2c464b72b8da00db29/stheadline/inewsmedia/20220111/ 4 KB
5 KB 25ms
24ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/81r65/0x0/100/hd/f5ac1e28bdf1ed2c464b72b8da00db29/stheadline/inewsmedia/20220111/_2022011123032624266_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

aee1ea9f754b2b4789ebd1f61cb18062b82b75ea6d873f8fdc04ed29bfa47b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:06:00 GMT
via: cache17.l2de2[0,0,200-0,H], cache20.l2de2[1,0], cache10.de3[0,0,200-0,H], cache1.de3[3,0]
x-content-type-options: nosniff
age: 4768
x-cache: HIT TCP_MEM_HIT dirn:13:623175980
x-cnection: close
x-swift-cachetime: 85307
x-swift-savetime: Tue, 11 Jan 2022 15:24:14 GMT
content-length: 4577
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 15:06:00 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641913561
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183298084747e
expires: Tue, 18 Jan 2022 15:06:00 GMT

GET
H2 200 _2022011122240342909_popup.jpg
image.stheadline.com/f/81r65/0x0/100/hd/3875ef6687542743af603bd445d38e95/stheadline/inewsmedia/20220111/ 5 KB
5 KB 25ms
24ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/81r65/0x0/100/hd/3875ef6687542743af603bd445d38e95/stheadline/inewsmedia/20220111/_2022011122240342909_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

d9c8e5ef82dc427ee83b5a4d7daef27d95ff700ee5644d2e899d85ffc57f7b27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 14:26:07 GMT
via: cache22.l2de2[0,0,200-0,H], cache6.l2de2[1,0], cache2.de3[0,0,200-0,H], cache1.de3[3,0]
x-content-type-options: nosniff
age: 7161
x-cache: HIT TCP_MEM_HIT dirn:12:920851346
x-cnection: close
x-swift-cachetime: 86262
x-swift-savetime: Tue, 11 Jan 2022 14:28:26 GMT
content-length: 5156
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 14:26:07 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641911168
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183298084748e
expires: Tue, 18 Jan 2022 14:26:07 GMT

GET
H2 200 _2022011122190012990_popup.jpg
image.stheadline.com/f/81r65/0x0/100/hd/8cd0925cbe39bea6b417ab707b651f2b/stheadline/inewsmedia/20220111/ 3 KB
3 KB 22ms
21ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/81r65/0x0/100/hd/8cd0925cbe39bea6b417ab707b651f2b/stheadline/inewsmedia/20220111/_2022011122190012990_popup.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

4ff64a01ca56a68e14987a2832af970e299cced99e9ddc194c9f495010c80b34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 14:21:53 GMT
via: cache15.l2de2[0,0,200-0,H], cache25.l2de2[1,0], cache13.de3[0,0,200-0,H], cache1.de3[1,0]
x-content-type-options: nosniff
age: 7415
x-cache: HIT TCP_MEM_HIT dirn:13:17186840
x-cnection: close
x-swift-cachetime: 86309
x-swift-savetime: Tue, 11 Jan 2022 14:23:25 GMT
content-length: 3231
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 11 Jan 2022 14:21:53 GMT
server: Tengine
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641910914
content-type: image/jpeg
cache-control: max-age=3600
timing-allow-origin: *
eagleid: 4f85b19516419183298234767e
expires: Tue, 18 Jan 2022 14:21:53 GMT

GET
H/1.1 200
OK coverimg_1641874112.jpeg
static.stheadline.com/stheadline/sthl_cover_res/videos/ 32 KB
33 KB 196ms
194ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/sthl_cover_res/videos/coverimg_1641874112.jpeg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

b4995eb5bb05468640e2cfa1a35212cab11a28a872dc6bf63b412999fd473b3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
X-Content-Type-Options: nosniff
ETag: "61dd02c0-81fe"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 33278
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:31 GMT

GET
H/1.1 200
OK coverimg_1641803375.jpeg
static.stheadline.com/stheadline/sthl_cover_res/videos/ 46 KB
46 KB 216ms
206ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/sthl_cover_res/videos/coverimg_1641803375.jpeg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

44c580c6111838dad9b043b957ab660884e174208acbf200327e7011bd9beddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
X-Content-Type-Options: nosniff
ETag: "61dbee6e-b73e"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 46910
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:31 GMT

GET
H/1.1 200
OK coverimg_1641783832.jpeg
static.stheadline.com/stheadline/sthl_cover_res/videos/ 34 KB
35 KB 191ms
191ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/sthl_cover_res/videos/coverimg_1641783832.jpeg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

64055b9ee895e8ac9fdf64a6ace82dcbd3ccf040b61fb8cc738e5fa208b98988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
X-Content-Type-Options: nosniff
ETag: "61dba218-8842"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 34882
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:31 GMT

GET
H/1.1 200
OK HL_NEC.jpg
static.stheadline.com/stheadline/sthl_cover_res/2022/20220111/ 38 KB
39 KB 205ms
196ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/sthl_cover_res/2022/20220111/HL_NEC.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

0784f19c1665842ea90014aac95be88262a2d60ddae2a033d2ddc9ae1dff2af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
X-Content-Type-Options: nosniff
ETag: "61dc8f4f-99bf"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 39359
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:31 GMT

GET
H/1.1 200
OK HL_ENP27.jpg
static.stheadline.com/stheadline/sthl_cover_res/2022/20220111/ 38 KB
38 KB 214ms
202ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/sthl_cover_res/2022/20220111/HL_ENP27.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

d5189c595e201ea6cd8f342de726bcce00d7435a9ec4b1f07879b6608c9b2e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
X-Content-Type-Options: nosniff
ETag: "61dc8f4f-9661"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 38497
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:31 GMT

GET
H/1.1 200
OK i_640x400_064083816.jpg
static.stheadline.com/stheadline/news_res/2022/01/11/87152/ 19 KB
20 KB 191ms
191ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/news_res/2022/01/11/87152/i_640x400_064083816.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

8b30307d6aaec78226b4700600a96137cb473f514df80fc4355ed970b2702886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
X-Content-Type-Options: nosniff
ETag: "61dcb5ee-4d8f"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 19855
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:31 GMT

GET
H/1.1 200
OK i_216x135_550634071.jpg
static.stheadline.com/stheadline/news_res/2022/01/11/87154/ 9 KB
9 KB 200ms
192ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/news_res/2022/01/11/87154/i_216x135_550634071.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

5ec0642d6ad00d4874c1b6d6246eb5d84f2a3a8321d25ccb06b78360e83aa5a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
X-Content-Type-Options: nosniff
ETag: "61dcb5f1-235d"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 9053
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:31 GMT

GET
H/1.1 200
OK i_216x135_065420275.jpg
static.stheadline.com/stheadline/news_res/2022/01/11/87208/ 9 KB
10 KB 204ms
194ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/news_res/2022/01/11/87208/i_216x135_065420275.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

e52f58ba9a5e56daee2098f3af529a8c1814d51851f89e767a679871cbcb16dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
X-Content-Type-Options: nosniff
ETag: "61dcb65f-2468"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 9320
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:31 GMT

GET
H/1.1 200
OK i_216x135_026412788.jpg
static.stheadline.com/stheadline/news_res/2022/01/11/87476/ 8 KB
9 KB 202ms
202ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/news_res/2022/01/11/87476/i_216x135_026412788.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

7e79fc1135b532a552f4ab3d934f80fc4510535b3bd0c8439b8fede86db4fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
X-Content-Type-Options: nosniff
ETag: "61dcb614-2189"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 8585
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:31 GMT

GET
H/1.1 200
OK index_sports_thumbnail.jpg
static.stheadline.com/stheadline/images/ 11 KB
12 KB 409ms
399ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/images/index_sports_thumbnail.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

1e03922084797c4e164beef4d87fac8599b4b1956d807dbb95ff302cd36bc872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:32 GMT
X-Content-Type-Options: nosniff
ETag: "5c05eadd-2d99"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 11673
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:32 GMT

GET
H/1.1 200
OK i_216x135_840062143.jpg
static.stheadline.com/stheadline/news_res/2022/01/11/87224/ 9 KB
10 KB 202ms
192ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/news_res/2022/01/11/87224/i_216x135_840062143.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

ee9a67f6c41000c625cbe991e19755998aa03d991281a9bfa9c6bd9a9dc81b41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:32 GMT
X-Content-Type-Options: nosniff
ETag: "61dcb686-24e7"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 9447
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:32 GMT

GET
H/1.1 200
OK i_216x135_206140121.jpg
static.stheadline.com/stheadline/news_res/2022/01/11/87184/ 10 KB
11 KB 195ms
192ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/news_res/2022/01/11/87184/i_216x135_206140121.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

80ae2f0e55f139d26a72f71f5cb3d15bef7d21c02055590bd657c5617b328571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:32 GMT
X-Content-Type-Options: nosniff
ETag: "61dcb626-27c2"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 10178
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:32 GMT

GET
H/1.1 200
OK Img_110172_500_220111175906.jpg
res001.stheadline.com/vNews//2022/01/11/ 27 KB
27 KB 997ms
190ms Image
image/jpeg 203.80.1.102
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res001.stheadline.com/vNews//2022/01/11/Img_110172_500_220111175906.jpg
Requested by: Host: hd.stheadline.com
URL: https://hd.stheadline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 203.80.1.102 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),
Reverse DNS
Software: nginx/1.2.6 /
Resource Hash: b9ae38ad5fcb3ce0146df259dcfe77f2afbbd76d28bd93480210fc16edd1a7f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
Last-Modified: Tue, 11 Jan 2022 09:59:06 GMT
Server: nginx/1.2.6
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27681
Content-Type: image/jpeg

GET
H/1.1 200
OK Img_110201_500_220111194644.jpg
res001.stheadline.com/vNews//2022/01/11/ 25 KB
26 KB 1035ms
199ms Image
image/jpeg 203.80.1.102
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res001.stheadline.com/vNews//2022/01/11/Img_110201_500_220111194644.jpg
Requested by: Host: hd.stheadline.com
URL: https://hd.stheadline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 203.80.1.102 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),
Reverse DNS
Software: nginx/1.2.6 /
Resource Hash: e3e992d0990ee9195845eddedeeac807e0f09dd42324e18bd03bb17e9d4a1640

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
Last-Modified: Tue, 11 Jan 2022 11:46:44 GMT
Server: nginx/1.2.6
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25968
Content-Type: image/jpeg

GET
H/1.1 200
OK Img_110197_500_220111182052.jpg
res001.stheadline.com/vNews//2022/01/11/ 21 KB
21 KB 1038ms
201ms Image
image/jpeg 203.80.1.102
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res001.stheadline.com/vNews//2022/01/11/Img_110197_500_220111182052.jpg
Requested by: Host: hd.stheadline.com
URL: https://hd.stheadline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 203.80.1.102 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),
Reverse DNS
Software: nginx/1.2.6 /
Resource Hash: 19fc86c605ad28013ec38eae20616fe88f6635d5e0f6fb6ae6684675d9ddfee8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
Last-Modified: Tue, 11 Jan 2022 10:20:53 GMT
Server: nginx/1.2.6
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21453
Content-Type: image/jpeg

GET
H/1.1 200
OK 2021120918360378.jpg
static.stheadline.com/stheadline/columnist_res// 75 KB
76 KB 193ms
191ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/columnist_res//2021120918360378.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

1a7fcc2053126dbf928ca9aad1e35059118af437f84d634f1fe58567c1ecfe34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:32 GMT
X-Content-Type-Options: nosniff
ETag: "61b1dc13-12c47"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 76871
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:32 GMT

GET
H/1.1 200
OK 2021121011042481.jpg
static.stheadline.com/stheadline/columnist_res// 534 KB
534 KB 190ms
189ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/columnist_res//2021121011042481.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

ce8e3530e63bfa05c0ba8eaf738365bca1bad4ed4b46e487c8d877050f1ad474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:32 GMT
X-Content-Type-Options: nosniff
ETag: "61b2c3b8-8565f"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 546399
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:32 GMT

GET
H/1.1 200
OK 20120405045803512634278.jpg
static.stheadline.com/stheadline/columnist_res/columnist_65x65/ 3 KB
3 KB 198ms
197ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/columnist_res/columnist_65x65/20120405045803512634278.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

63c4eca73eccece0acc4fb748f61373e909665bb9a486d961682a36f5701a1ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:32 GMT
X-Content-Type-Options: nosniff
ETag: "554c157a-ae1"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2785
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:32 GMT

GET
H/1.1 200
OK 2020031314123511.jpg
static.stheadline.com/stheadline/columnist_res// 7 KB
8 KB 191ms
190ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/columnist_res//2020031314123511.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

fae0a2f8a1861ac68699bf567945865a2ef1899862343145dc6bb981889385f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:32 GMT
X-Content-Type-Options: nosniff
ETag: "5e6b2453-1d81"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 7553
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:32 GMT

GET
H/1.1 200
OK 20120405051055449676514.jpg
static.stheadline.com/stheadline/columnist_res/columnist_65x65/ 3 KB
4 KB 193ms
191ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/columnist_res/columnist_65x65/20120405051055449676514.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

e367caee0d9e8d1451ee6197cb2555719bc1011ecd6952e28ba67e8edbf8b7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:32 GMT
X-Content-Type-Options: nosniff
ETag: "554c157a-c82"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 3202
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:32 GMT

GET
H/1.1 200
OK 20120403124155224212647.jpg
static.stheadline.com/stheadline/columnist_res/columnist_65x65/ 2 KB
3 KB 190ms
190ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/columnist_res/columnist_65x65/20120403124155224212647.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

f8b23f718b424e619d61d6682a789a61b2baea1b00de5aec1cf5937e98b9514d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:32 GMT
X-Content-Type-Options: nosniff
ETag: "554c157a-9cf"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2511
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:32 GMT

GET
H/1.1 200
OK 2021121010230328.jpg
static.stheadline.com/stheadline/columnist_res// 254 KB
254 KB 191ms
191ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/columnist_res//2021121010230328.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

98b43100874be7e184ce50e8c96417334c0e84b2710a2c6df554a0cf36a79fd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:32 GMT
X-Content-Type-Options: nosniff
ETag: "61b2ba07-3f681"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 259713
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:32 GMT

GET
H/1.1 200
OK 2021121011131893.jpg
static.stheadline.com/stheadline/columnist_res// 145 KB
145 KB 204ms
204ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/columnist_res//2021121011131893.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

f1dbeba3538c79a6f501270f086238eceadf6c79ef69c1d9d68e1decc3fdb0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:32 GMT
X-Content-Type-Options: nosniff
ETag: "61b2c5ce-24396"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 148374
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:32 GMT

GET
H/1.1 200
OK 2021121010330559.jpg
static.stheadline.com/stheadline/columnist_res// 69 KB
70 KB 193ms
192ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/columnist_res//2021121010330559.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

3e226242583e4956742c67fe12bf9d751c86a16883d4ffac9db6c99eeb8a490f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:32 GMT
X-Content-Type-Options: nosniff
ETag: "61b2bc61-1142a"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 70698
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:32 GMT

GET
H/1.1 200
OK 2021121010522416.jpg
static.stheadline.com/stheadline/columnist_res// 160 KB
160 KB 213ms
212ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/columnist_res//2021121010522416.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

59292264d9561a82edd2f1f12e480c5f8a75cf70b1be40ffd4d111201fc0018f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:32 GMT
X-Content-Type-Options: nosniff
ETag: "61b2c0e8-27e9b"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 163483
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:32 GMT

GET
H/1.1 200
OK 2021121010550312.jpg
static.stheadline.com/stheadline/columnist_res// 67 KB
67 KB 193ms
192ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/columnist_res//2021121010550312.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

8c52c6ade244212dabd3240f96cd3874470dc62a5cdfdcdf413490a5b9040641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:33 GMT
X-Content-Type-Options: nosniff
ETag: "61b2c187-10a53"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 68179
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:33 GMT

GET
H/1.1 200
OK i_380x0_686149413.jpg
static.stheadline.com/stheadline/news_res/2022/01/11/92262/ 20 KB
20 KB 194ms
193ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/news_res/2022/01/11/92262/i_380x0_686149413.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

25bed4328841dec3b54605dc1917dc506f498ce055d655129c02bb8975a5b879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:33 GMT
X-Content-Type-Options: nosniff
ETag: "61dd6640-4f20"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 20256
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:33 GMT

GET
H/1.1 200
OK i_380x0_191818173.jpg
static.stheadline.com/stheadline/news_res/2022/01/11/92258/ 17 KB
18 KB 195ms
192ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/news_res/2022/01/11/92258/i_380x0_191818173.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

4e5d444d11e6905c76bb16dc816f2ff475f33f0b72420fbbf32ee3489254c467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:33 GMT
X-Content-Type-Options: nosniff
ETag: "61dd65e0-446d"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 17517
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:33 GMT

GET
H/1.1 200
OK i_380x0_317806115.jpg
static.stheadline.com/stheadline/news_res/2022/01/11/91748/ 164 KB
165 KB 198ms
194ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/news_res/2022/01/11/91748/i_380x0_317806115.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

fba42465c1bb65b031127f657c63e20ca3febce883d2388877b957fadb6a3677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:33 GMT
X-Content-Type-Options: nosniff
ETag: "61dd56c1-29192"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 168338
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:33 GMT

GET
H/1.1 200
OK i_380x0_121504489.jpg
static.stheadline.com/stheadline/news_res/2022/01/11/90770/ 179 KB
179 KB 198ms
195ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/news_res/2022/01/11/90770/i_380x0_121504489.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

09d63218a8d88c7134ed07f880df08411bd2665532ab7f75f060e955d154c3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:33 GMT
X-Content-Type-Options: nosniff
ETag: "61dd2bf3-2ca7a"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 182906
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:33 GMT

GET
H/1.1 200
OK i_380x0_213913811.jpg
static.stheadline.com/stheadline/news_res/2022/01/11/90258/ 97 KB
98 KB 202ms
200ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/news_res/2022/01/11/90258/i_380x0_213913811.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

7c79ec3e4616a77c6647a80216c49fb9cd31fd1993221e716d9ad5540c59fd07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:33 GMT
X-Content-Type-Options: nosniff
ETag: "61dd11e0-1852c"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 99628
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:33 GMT

GET
H/1.1 200
OK rp_hd_HDLive_20220105.jpg
static.stheadline.com/stheadline/images/banner/2022/ 42 KB
42 KB 193ms
192ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/images/banner/2022/rp_hd_HDLive_20220105.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

f33f45939a9c6567f5edf939ae23420a1a3b90d1fc10d84ab3703144cfca77a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:33 GMT
X-Content-Type-Options: nosniff
ETag: "61d68e48-a65e"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 42590
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:33 GMT

GET
H/1.1 200
OK mse.jpg
static.stheadline.com/stheadline/adbanner/housead/ 20 KB
20 KB 191ms
191ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/adbanner/housead/mse.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

10c8bfa039f153cd5ae0f793012f86bd9bfabde5ccf0181577e4a60c31688805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:33 GMT
X-Content-Type-Options: nosniff
ETag: "5eaae25c-4f79"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 20345
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:33 GMT

GET
H/1.1 200
OK stay_home.jpg
static.stheadline.com/stheadline/adbanner/housead/ 22 KB
23 KB 191ms
190ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/adbanner/housead/stay_home.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

dfca5a42642178919b7877293effc5c83e3501e7ccdd117cf0fcda37dd2ad122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:33 GMT
X-Content-Type-Options: nosniff
ETag: "5eaae262-59c5"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 22981
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:33 GMT

GET
H2 200 ncov.jpg
hd.stheadline.com/images/ 28 KB
29 KB 55ms
51ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd.stheadline.com/images/ncov.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

3302b265ed9b883a761b85e63d733266b71e600e7223cd4dc185e6210030067f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:06 GMT
via: cache5.l2de2[0,0,304-0,H], cache23.l2de2[0,0], cache2.de3[10,9,200-0,H], cache1.de3[11,0]
x-content-type-options: nosniff
age: 23
x-cache: HIT TCP_REFRESH_HIT dirn:12:37102024
x-swift-cachetime: 97
x-swift-savetime: Tue, 11 Jan 2022 16:25:29 GMT
content-length: 28915
x-xss-protection: 1; mode=block
server: Tengine
etag: "5e4102d4-70f3"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641918306
content-type: image/jpeg
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183295274040e
expires: Tue, 11 Jan 2022 16:30:06 GMT

GET
H/1.1 200
OK MHImageChart
charts.megahubhk.com/servlets/ 5 KB
6 KB 1735ms
177ms Image
image/png 210.177.64.9
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://charts.megahubhk.com/servlets/MHImageChart?sid=HSI&lang=1&cwidth=260&cheight=150&lang=0&vol=0&xstyle=-1&ctype=5&cperiod=2000105&fsize=11&cr=101&tstyle=5&ystyle=2&wm=1
Requested by: Host: hd.stheadline.com
URL: https://hd.stheadline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.177.64.9 Central, Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 50149c85c46f713e3fb5f52388e0f985c3e80cc59a5fff646255097795ccb43a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
Server: Apache-Coyote/1.1
Transfer-Encoding: chunked
Content-Type: image/png;charset=UTF-8

GET
H2 200 heading-jm2015.png
hd.stheadline.com/images/ 23 KB
24 KB 50ms
47ms Image
image/png 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd.stheadline.com/images/heading-jm2015.png

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

6dc57f8793a60a587c46f0d3ba69dcd41180a6b3d812a4f423cc97f3a966af49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:24:19 GMT
via: cache12.l2de2[0,0,304-0,H], cache4.l2de2[1,0], cache9.de3[7,6,200-0,H], cache1.de3[10,0]
x-content-type-options: nosniff
age: 70
x-cache: HIT TCP_REFRESH_HIT dirn:12:394766421
x-swift-cachetime: 50
x-swift-savetime: Tue, 11 Jan 2022 16:25:29 GMT
content-length: 23995
x-xss-protection: 1; mode=block
server: Tengine
etag: "56849ee2-5dbb"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641918259
content-type: image/png
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183295274043e
expires: Tue, 11 Jan 2022 16:29:19 GMT

GET
H3 200 perfect-scrollbar.jquery.min.js),sweetalert2@5.3.5 Show response
cdn.jsdelivr.net/g/jquery@1.12.4,bootstrap@3.3.7,perfect-scrollbar@0.6.14(js/ 176 KB
56 KB 67ms
52ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/g/jquery@1.12.4,bootstrap@3.3.7,perfect-scrollbar@0.6.14(js/perfect-scrollbar.jquery.min.js),sweetalert2@5.3.5

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

345272d368f41891c6383f5fd3c1c4016e4bc1fac7c6b5ec4239eca2abe3e9ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6723462
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19124-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"2be95-i6fO4yPAuxM9aIZ6vAnlD9uRMyM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6cbf80578d6068fb-FRA

GET
H2 200 wurfl.js Show response
hd.stheadline.com/js/ 516 B
730 B 25ms
25ms Script
application/javascript 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://hd.stheadline.com/js/wurfl.js

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

c7ea3cdce10dca254bf006e0c30bdb693fcab414178b3dc506bf6950234edf7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:23:34 GMT
via: cache7.l2de2[0,0,304-0,H], cache2.l2de2[0,0], cache7.de3[3,2,200-0,H], cache1.de3[4,0]
x-content-type-options: nosniff
age: 115
x-cache: HIT TCP_REFRESH_HIT dirn:12:610118664
x-swift-cachetime: 5
x-swift-savetime: Tue, 11 Jan 2022 16:25:29 GMT
content-encoding: gzip
content-length: 446
x-xss-protection: 1; mode=block
server: Tengine
x-frame-options: SAMEORIGIN
etag: "589bd08b-204"
vary: Accept-Encoding
ali-swift-global-savetime: 1641918214
content-type: application/javascript; charset=utf-8
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183294993960e
expires: Tue, 11 Jan 2022 16:28:34 GMT

GET
H/1.1 200
OK offcanvas.min.js Show response
static.stheadline.com/stheadline/js/ 351 B
821 B 193ms
192ms Script
application/javascript 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.stheadline.com/stheadline/js/offcanvas.min.js

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

6cb5617edd79f36690f5f962d6eec9c852b037bd3dc6f1f7c65756747e09bb54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
ETag: "5582411f-15f"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 193
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:33 GMT

GET
H/1.1 200
OK jquery.fancybox.pack.js Show response
static.stheadline.com/stheadline/js/fancyBox/source/ 23 KB
12 KB 198ms
193ms Script
application/javascript 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.stheadline.com/stheadline/js/fancyBox/source/jquery.fancybox.pack.js?v=2.1.5

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
ETag: "51bade7d-5a5f"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 11849
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:30 GMT

GET
H2 200 modernizr-custom.js Show response
hd.stheadline.com/js/ 8 KB
5 KB 53ms
51ms Script
application/javascript 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://hd.stheadline.com/js/modernizr-custom.js

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

2cbf0f83cf9a64602ed13c4525ff3b969382bbdbe07eeb8d656f0cf639f9424c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:23:40 GMT
via: cache4.l2de2[0,0,304-0,H], cache6.l2de2[0,0], cache10.de3[7,7,200-0,H], cache1.de3[10,0]
x-content-type-options: nosniff
age: 109
x-cache: HIT TCP_REFRESH_HIT dirn:13:636524681
x-swift-cachetime: 11
x-swift-savetime: Tue, 11 Jan 2022 16:25:29 GMT
content-encoding: gzip
content-length: 4424
x-xss-protection: 1; mode=block
server: Tengine
x-frame-options: SAMEORIGIN
etag: "58a29f9e-1e8d"
vary: Accept-Encoding
ali-swift-global-savetime: 1641918220
content-type: application/javascript; charset=utf-8
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183295274047e
expires: Tue, 11 Jan 2022 16:28:40 GMT

GET
H2 200 custom.js Show response
hd.stheadline.com/js/ 94 KB
33 KB 49ms
46ms Script
application/javascript 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://hd.stheadline.com/js/custom.js

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

ad59f0858e0c0c3ac53ff8facaaf5f986ff5a7c6e992e5771d8e202b668b71df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:23:41 GMT
via: cache4.l2de2[0,0,304-0,H], cache4.l2de2[0,0], cache6.de3[3,2,200-0,H], cache1.de3[7,0]
x-content-type-options: nosniff
age: 108
x-cache: HIT TCP_REFRESH_HIT dirn:13:285836658
x-swift-cachetime: 12
x-swift-savetime: Tue, 11 Jan 2022 16:25:29 GMT
content-encoding: gzip
content-length: 33212
x-xss-protection: 1; mode=block
server: Tengine
x-frame-options: SAMEORIGIN
etag: "61b0d86d-176c1"
vary: Accept-Encoding
ali-swift-global-savetime: 1641918221
content-type: application/javascript; charset=utf-8
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183295274050e
expires: Tue, 11 Jan 2022 16:28:41 GMT

GET
H/1.1 200
OK comscore.streaming.min.js Show response
static.stheadline.com/stheadline/js/comscore/ 103 KB
33 KB 210ms
203ms Script
application/javascript 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.stheadline.com/stheadline/js/comscore/comscore.streaming.min.js

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

de0bc01daa8996739e538c4c3f58f458bf15d737d35a8cddb0d8d8d1d800db94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
ETag: "591e726b-19d8c"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 33576
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:34 GMT

GET
H/1.1 200
OK streamsense.min.js Show response
static.stheadline.com/stheadline/js/comscore/ 19 KB
9 KB 194ms
193ms Script
application/javascript 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.stheadline.com/stheadline/js/comscore/streamsense.min.js

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

8c7d5b45d79382a4e49209a3926b9d22bb8bd9f9f79432e6e12b815d888ea72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
ETag: "52e7d0ee-4d41"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 8861
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:34 GMT

GET
H/1.1 200
OK video-js.min.css
static.stheadline.com/stheadline/css/ 38 KB
18 KB 206ms
194ms Stylesheet
text/css 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.stheadline.com/stheadline/css/video-js.min.css

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

9b967a69371e3af4e63c91981001d84776d23811a57f5c9c6b3a96b6c2da9310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
ETag: "5919436c-99c8"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 18164
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:30 GMT

GET
H/1.1 200
OK video.min.js Show response
static.stheadline.com/stheadline/js/ 245 KB
93 KB 198ms
198ms Script
application/javascript 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.stheadline.com/stheadline/js/video.min.js

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

f32a3d8e1c45e726fab7ddb248a819224769188e2db00ae92031f92c7f4f8b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
ETag: "5919436c-3d3b0"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 95015
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:34 GMT

GET
H2 200 MTY0HLCmk030HLWEVLSW9fNU1mbl9YOUhTQVFCeDB4dwMTkxODM1NA.gif
hd.stheadline.com/wt/ 43 B
319 B 223ms
221ms Image
image/gif 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd.stheadline.com/wt/MTY0HLCmk030HLWEVLSW9fNU1mbl9YOUhTQVFCeDB4dwMTkxODM1NA.gif

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:29 GMT
via: cache18.l2de2[186,185,200-0,M], cache11.l2de2[186,0], cache11.de3[195,194,200-0,M], cache1.de3[198,0]
x-content-type-options: nosniff
x-swift-cachetime: 0
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Tue, 11 Jan 2022 16:25:29 GMT
content-length: 43
x-xss-protection: 1; mode=block
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: Tengine
x-robots-tag: noindex, nofollow, noarchive
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641918329
content-type: image/gif
cache-control: no-cache
timing-allow-origin: *
eagleid: 4f85b19516419183295274052e
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 787 B
1 KB 146ms
35ms XHR
application/json 52.18.187.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=E1E31A3C5BB4BED90A495E47%40AdobeOrg&d_nsid=0&ts=1641918328027

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN227213af532841a48cb92e23b43a2f63.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.187.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-187-187.eu-west-1.compute.amazonaws.com

Software

Resource Hash

aea3a63ac8e9fc878e49c68e6b73a4e958863db8cbb806b0bd56843112f1dfdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hd.stheadline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v026-099f6d80c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: YXx0G/rCSF8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://hd.stheadline.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 490
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPb3826f174b534354aaa5a9e9f1dab55d/ 33 KB
13 KB 24ms
22ms Script
application/x-javascript 2a02:26f0:df:3a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPb3826f174b534354aaa5a9e9f1dab55d/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN227213af532841a48cb92e23b43a2f63.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1cfb73df05de1b204ad9c2b2d24b83b6d5b4f07c43108d51a60f97f457b9dbf0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:29 GMT
content-encoding: gzip
last-modified: Fri, 09 Nov 2018 18:46:43 GMT
server: AkamaiNetStorage
etag: "1f64108eb4f6b120a8edd5b15d3e0a3b:1541789205"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://hd.stheadline.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12546
expires: Tue, 11 Jan 2022 17:25:29 GMT

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Yd2vegAAAHwviwPg
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=51744879261176482361561322553908381230
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yd2vegAAAHwviwPg

42 B
945 B

32ms
32ms

Image
image/gif

52.18.187.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yd2vegAAAHwviwPg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Server

52.18.187.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-187-187.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v026-0af43dd6b.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: YyL7sZhKSBI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yd2vegAAAHwviwPg
Date: Tue, 11 Jan 2022 16:25:30 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 102 KB
39 KB 140ms
55ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T3HQTH7

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b3fe1b8edceec287ca0d158311e1cff6b49d2e31bfc56a7055b2049e21a7adb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39832
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jan 2022 16:25:30 GMT

GET
H2 200 all.js Show response
connect.facebook.net/zh_HK/ 3 KB
2 KB 42ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_HK/all.js

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1517d807ef62fd59eecfac3446954f0a7fc091e5476e3cd77a60b1056d601b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LMg4Lp+bHI01ngtIJTp6Iw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1689
x-fb-rlafr: 0
x-fb-debug: Sof6Po2ubAHgl7Fpm0ilUB3XRJJEnMjkArqd76qYAaMJzfjxv3K0bH0DMnEoDA1mT1Antkdb/+zDNjYxtC/EVQ==
x-fb-trip-id: 917726464
x-fb-content-md5: 81b8ac47a744ea7f06fb848fc9f7c836
x-frame-options: DENY
date: Tue, 11 Jan 2022 16:25:30 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "cfe9d7d761ee680522e0d24f25925f2e"
timing-allow-origin: *
expires: Tue, 11 Jan 2022 16:35:25 GMT

GET
H/1.1 200
OK dest5.html Show response
singtaonewscorp.demdex.net/ Frame 1800 7 KB
3 KB 387ms
36ms Document
text/html 52.211.244.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://singtaonewscorp.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN227213af532841a48cb92e23b43a2f63.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.244.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-244-253.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Tue, 11 Jan 2022 16:25:29 GMT
DCS: dcs-prod-irl1-1-v026-06c418801.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 20 Dec 2021 14:08:59 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: ODE8wRBlRz0=
Content-Length: 2791
Connection: keep-alive

GET
H/1.1 200
OK wea-13.png
static.stheadline.com/stheadline/images/weather/ 4 KB
4 KB 425ms
191ms Image
image/png 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/images/weather/wea-13.png

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/framework.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

4f69fd45ad3312c86269ddba0fde761925fce222e5fdabc62b2edf519607933a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:30 GMT
X-Content-Type-Options: nosniff
ETag: "555bf70f-f01"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 3841
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:30 GMT

GET
H/1.1 200
OK humidity.png
static.stheadline.com/stheadline/images/ 2 KB
3 KB 417ms
190ms Image
image/png 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/images/humidity.png

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/framework.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

38ae38140d5cf7dc3b516d04dd50bfaf73434f0d37adc5767a727ddaa08e9a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:30 GMT
X-Content-Type-Options: nosniff
ETag: "555c01af-9d8"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2520
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:30 GMT

GET
H/1.1 200
OK logo-2.png
static.stheadline.com/stheadline/images/ 17 KB
18 KB 225ms
192ms Image
image/png 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/images/logo-2.png

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/framework.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

0d156e1622747cafbbf76f229ed6b01a6fa8e926caaf20b1090418c179c10c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:30 GMT
X-Content-Type-Options: nosniff
ETag: "5d1d8e33-45ae"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 17838
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:30 GMT

GET
H3 200 fontawesome-webfont.woff2
cdn.jsdelivr.net/fontawesome/4.6.3/fonts/ 70 KB
71 KB 33ms
20ms Font
font/woff2 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/fontawesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/fontawesome/4.6.3/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/fontawesome/4.6.3/css/font-awesome.min.css
Origin: https://hd.stheadline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6723507
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 71896
x-served-by: cache-fra19171-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"118d8-l+Q4zFRXFDCYgvvOrb80T8rdzsU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 6cbf8057b8085bdd-FRA

GET
H2 200 video.php Show response
www.facebook.com/plugins/ Frame DFF7 449 KB
98 KB 287ms
267ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b78c7eb76e37e4285db817724803514c815aac4ce085121efd9dbd0a1595fe1f

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: fzwXZdLUw+ytJqkRypILYNAC9zJBSIESLN4Psa3Hfyq0/MudZsC1YKoh/GnEcpYTskQTSw9nwD0l2lAnFWEi5g==
date: Tue, 11 Jan 2022 16:25:30 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H/1.1 200
OK logo-s.png
static.stheadline.com/stheadline/images/ 3 KB
4 KB 380ms
201ms Image
image/png 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/images/logo-s.png

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/framework.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

1d929ca8231cdf7dcfd696c6d44475cc44f8e924c7863ffb7fc5802102ec80c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
X-Content-Type-Options: nosniff
ETag: "559b3fc2-c98"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 3224
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:31 GMT

GET
H/1.1 200
OK bg-p-01.gif
static.stheadline.com/stheadline/images/ 42 B
616 B 344ms
191ms Image
image/gif 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/images/bg-p-01.gif

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

f0ecc9be2916a80a19ba3cba87fde44c599bbedb0060c8f42f834de886d6874a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
X-Content-Type-Options: nosniff
ETag: "553465c2-2a"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 42
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:31 GMT

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 loading.gif
hd.stheadline.com/images/ 17 KB
18 KB 224ms
222ms Image
image/gif 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd.stheadline.com/images/loading.gif

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/live.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

e53202133a17df3372a7ed8f3b2cd34f674c389fcff93aa46d6bcd72bfa4bf58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/css/live.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:29 GMT
via: cache15.l2de2[187,186,304-0,M], cache10.l2de2[188,0], cache13.de3[196,195,200-0,H], cache1.de3[201,0]
x-content-type-options: nosniff
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:13:936336301
x-swift-cachetime: 120
x-swift-savetime: Tue, 11 Jan 2022 16:25:29 GMT
content-length: 17904
x-xss-protection: 1; mode=block
server: Tengine
etag: "5fffb902-45f0"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641918329
content-type: image/gif
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183296964455e
expires: Tue, 11 Jan 2022 16:30:29 GMT

GET
H2 200 icon-fblive-play.png
hd.stheadline.com/images/ 3 KB
3 KB 216ms
214ms Image
image/png 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd.stheadline.com/images/icon-fblive-play.png

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/live.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

6f8824a524bee61aef45526d005b684f8d198073c9754965073b362b03cfd290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/css/live.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:30 GMT
via: cache14.l2de2[187,187,304-0,M], cache6.l2de2[188,0], cache10.de3[191,190,200-0,H], cache1.de3[194,0]
x-content-type-options: nosniff
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:12:596448647
x-swift-cachetime: 120
x-swift-savetime: Tue, 11 Jan 2022 16:25:29 GMT
content-length: 3099
x-xss-protection: 1; mode=block
server: Tengine
etag: "5ffd26c3-c1b"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641918329
content-type: image/png
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183296964456e
expires: Tue, 11 Jan 2022 16:30:30 GMT

GET
H/1.1 200
OK logo-popnews.jpg
static.stheadline.com/stheadline/images/ 7 KB
7 KB 192ms
191ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/images/logo-popnews.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

d8fa69059251b2aa34acbcad47d1b54461f8e31fc4748f83deca7395db6a61c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:34 GMT
X-Content-Type-Options: nosniff
ETag: "552f5670-1b65"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 7013
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:34 GMT

GET
H/1.1 200
OK corp-ceo.jpg
static.stheadline.com/stheadline/images/ 16 KB
16 KB 208ms
196ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/images/corp-ceo.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/framework.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

be4baa4e0a065007c624ad61b19899a07971e5f8a5bc2207f56de6a54a88821f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:34 GMT
X-Content-Type-Options: nosniff
ETag: "559caec7-3f10"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 16144
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:34 GMT

GET
H3 200 glyphicons-halflings-regular.woff2
cdn.jsdelivr.net/bootstrap/3.3.7/fonts/ 18 KB
18 KB 26ms
25ms Font
font/woff2 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/bootstrap/3.3.7/css/bootstrap.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/bootstrap/3.3.7/css/bootstrap.min.css
Origin: https://hd.stheadline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6723517
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18028
x-served-by: cache-fra19157-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"466c-yjW2l9mcrk0bYPLWD803dxmH6wc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 6cbf805889675bdd-FRA

GET
H/1.1 206
Partial Content sthl_superapp_housead.mp4
vod6.hkheadline.com/hkheadline/instant_video/2022/0103/ 48 KB
0 1629ms
192ms Media
video/mp4 203.80.0.196
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vod6.hkheadline.com/hkheadline/instant_video/2022/0103/sthl_superapp_housead.mp4
Requested by: Host: hd.stheadline.com
URL: https://hd.stheadline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 203.80.0.196 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://hd.stheadline.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 11 Jan 2022 16:25:31 GMT
Last-Modified: Thu, 30 Dec 2021 04:29:05 GMT
Server: nginx
ETag: "61cd3591-6b9273"
Content-Type: video/mp4
Content-Range: bytes 0-7049842/7049843
Connection: keep-alive
Content-Length: 7049843

GET
H/1.1 200
OK rp_sp_member22_20220105.gif
static.stheadline.com/stheadline/images/banner/2022/ 52 KB
53 KB 194ms
194ms Image
image/gif 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/images/banner/2022/rp_sp_member22_20220105.gif

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

e490ddfe8120f1602aa7205c805b2730025bbb05e6c3b14da57595e1df0c2529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:34 GMT
X-Content-Type-Options: nosniff
ETag: "61d558a6-d07d"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 53373
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:34 GMT

GET
H/1.1 200
OK rp_debate37_20210901.jpg
static.stheadline.com/stheadline/images/banner/common/ 37 KB
38 KB 207ms
206ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/images/banner/common/rp_debate37_20210901.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

307d753f986b044663034f6fea71a3b19f92bc7956f7a4ac9fbb6b0674b0de46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:34 GMT
X-Content-Type-Options: nosniff
ETag: "612ddec8-94d1"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 38097
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:34 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK logo-finance.jpg
static.stheadline.com/stheadline/images/ 21 KB
22 KB 196ms
195ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/images/logo-finance.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

a90e2357be80d19f9549afa5374d3ccf0c0e6eb21e4ba9e4fb1210ead27efccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:34 GMT
X-Content-Type-Options: nosniff
ETag: "60d46ccd-55c3"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 21955
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:34 GMT

GET
H/1.1 200
OK icon-megahub.jpg
static.stheadline.com/stheadline/images/ 2 KB
2 KB 191ms
191ms Image
image/jpeg 203.80.0.157
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.stheadline.com/stheadline/images/icon-megahub.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

static.stheadline.com

Software

Resource Hash

0d6aeccae97f8afc180c067875efd44cd1ab913e62201a2befb4fe227f2dd448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:34 GMT
X-Content-Type-Options: nosniff
ETag: "5533b4c6-6ad"
Vary: Accept, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1709
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Jan 2022 16:30:34 GMT

GET
H2 200 logo_01.jpg
hd.stheadline.com/images/fl/ 3 KB
3 KB 27ms
25ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd.stheadline.com/images/fl/logo_01.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

aeca8972210ef71bb5529fef5f2b59ad8ee8baecc5f7f0c36b4657f8d74e29b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/css/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:23:48 GMT
via: cache14.l2de2[0,0,304-0,H], cache10.l2de2[1,0], cache13.de3[3,2,200-0,H], cache1.de3[6,0]
x-content-type-options: nosniff
age: 102
x-cache: HIT TCP_REFRESH_HIT dirn:13:22332622
x-swift-cachetime: 18
x-swift-savetime: Tue, 11 Jan 2022 16:25:30 GMT
content-length: 2765
x-xss-protection: 1; mode=block
server: Tengine
etag: "57c3b5a9-acd"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641918228
content-type: image/jpeg
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183302035679e
expires: Tue, 11 Jan 2022 16:28:48 GMT

GET
H2 200 logo_02.jpg
hd.stheadline.com/images/fl/ 4 KB
4 KB 27ms
26ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd.stheadline.com/images/fl/logo_02.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

bd88c8a6443878c1b90216a199ab6be673d81237da83f5216d3961eab73c3891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/css/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:10 GMT
via: cache5.l2de2[0,0,304-0,H], cache5.l2de2[0,0], cache13.de3[2,2,200-0,H], cache1.de3[5,0]
x-content-type-options: nosniff
age: 20
x-cache: HIT TCP_REFRESH_HIT dirn:12:18682290
x-swift-cachetime: 100
x-swift-savetime: Tue, 11 Jan 2022 16:25:30 GMT
content-length: 3871
x-xss-protection: 1; mode=block
server: Tengine
etag: "55d19e86-f1f"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641918310
content-type: image/jpeg
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183302045683e
expires: Tue, 11 Jan 2022 16:30:10 GMT

GET
H2 200 logo_03.jpg
hd.stheadline.com/images/fl/ 4 KB
4 KB 27ms
26ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd.stheadline.com/images/fl/logo_03.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

62396c150946104d4809279cfa87658c6733aa1b816420bbc620ead53e005f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/css/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:23:48 GMT
via: cache16.l2de2[0,0,304-0,H], cache12.l2de2[0,0], cache8.de3[3,2,200-0,H], cache1.de3[4,0]
x-content-type-options: nosniff
age: 102
x-cache: HIT TCP_REFRESH_HIT dirn:12:822311499
x-swift-cachetime: 18
x-swift-savetime: Tue, 11 Jan 2022 16:25:30 GMT
content-length: 3872
x-xss-protection: 1; mode=block
server: Tengine
etag: "55d19e86-f20"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641918228
content-type: image/jpeg
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183302055686e
expires: Tue, 11 Jan 2022 16:28:48 GMT

GET
H2 200 logo_04.jpg
hd.stheadline.com/images/fl/ 6 KB
6 KB 222ms
221ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd.stheadline.com/images/fl/logo_04.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

0b9cf9c5d4d128f772ee7ddfce66f324edf2d54f967fbb78f135a0e4d371cbfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/css/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:30 GMT
via: cache21.l2de2[189,189,304-0,M], cache26.l2de2[190,0], cache8.de3[198,198,200-0,H], cache1.de3[200,0]
x-content-type-options: nosniff
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:13:208216900
x-swift-cachetime: 120
x-swift-savetime: Tue, 11 Jan 2022 16:25:30 GMT
content-length: 5670
x-xss-protection: 1; mode=block
server: Tengine
etag: "55d19e86-1626"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641918330
content-type: image/jpeg
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183302055687e
expires: Tue, 11 Jan 2022 16:30:30 GMT

GET
H2 200 logo_07.jpg
hd.stheadline.com/images/fl/ 4 KB
4 KB 27ms
26ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd.stheadline.com/images/fl/logo_07.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

a85afcf0346b08217e747c1e0ed04b7e3641043802c1931ed9e2e9b3fcaeceb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/css/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:29 GMT
via: cache8.l2de2[0,0,304-0,H], cache4.l2de2[0,0], cache9.de3[3,3,200-0,H], cache1.de3[4,0]
x-content-type-options: nosniff
age: 1
x-cache: HIT TCP_REFRESH_HIT dirn:13:403936184
x-swift-cachetime: 119
x-swift-savetime: Tue, 11 Jan 2022 16:25:30 GMT
content-length: 3976
x-xss-protection: 1; mode=block
server: Tengine
etag: "55d19e86-f88"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641918329
content-type: image/jpeg
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183302065689e
expires: Tue, 11 Jan 2022 16:30:29 GMT

GET
H2 200 logo_08.jpg
hd.stheadline.com/images/fl/ 3 KB
3 KB 27ms
26ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd.stheadline.com/images/fl/logo_08.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

6abcc7592526e14df34a427062db1313446aa69e31caf75ded84a150f5feb1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/css/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:23:48 GMT
via: cache20.l2de2[0,0,304-0,H], cache14.l2de2[0,0], cache3.de3[2,3,200-0,H], cache1.de3[5,0]
x-content-type-options: nosniff
age: 102
x-cache: HIT TCP_REFRESH_HIT dirn:12:290051301
x-swift-cachetime: 18
x-swift-savetime: Tue, 11 Jan 2022 16:25:30 GMT
content-length: 3080
x-xss-protection: 1; mode=block
server: Tengine
etag: "55d19e86-c08"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641918228
content-type: image/jpeg
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183302065690e
expires: Tue, 11 Jan 2022 16:28:48 GMT

GET
H2 200 logo_10.jpg
hd.stheadline.com/images/fl/ 4 KB
4 KB 32ms
32ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd.stheadline.com/images/fl/logo_10.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

91e7f077664ee9356ee7429127b4d9737f2ac247add6eedacd3a469f5538d5cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/css/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:23:48 GMT
via: cache13.l2de2[0,0,304-0,H], cache24.l2de2[1,0], cache14.de3[8,7,200-0,H], cache1.de3[10,0]
x-content-type-options: nosniff
age: 102
x-cache: HIT TCP_REFRESH_HIT dirn:12:650498732
x-swift-cachetime: 18
x-swift-savetime: Tue, 11 Jan 2022 16:25:30 GMT
content-length: 3687
x-xss-protection: 1; mode=block
server: Tengine
etag: "60d4686b-e67"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641918228
content-type: image/jpeg
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183302065691e
expires: Tue, 11 Jan 2022 16:28:48 GMT

GET
H2 200 logo_11.jpg
hd.stheadline.com/images/fl/ 4 KB
4 KB 223ms
222ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd.stheadline.com/images/fl/logo_11.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

ae48acb5feb5671038d418e329e69022d642ce8e1843f8cefe65f0f3e2636c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/css/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:30 GMT
via: cache19.l2de2[187,187,304-0,M], cache15.l2de2[189,0], cache3.de3[198,197,200-0,H], cache1.de3[201,0]
x-content-type-options: nosniff
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:13:289227631
x-swift-cachetime: 120
x-swift-savetime: Tue, 11 Jan 2022 16:25:30 GMT
content-length: 3649
x-xss-protection: 1; mode=block
server: Tengine
etag: "56d5640f-e41"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641918330
content-type: image/jpeg
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183302065693e
expires: Tue, 11 Jan 2022 16:30:30 GMT

GET
H2 200 logo_12.jpg
hd.stheadline.com/images/fl/ 3 KB
4 KB 28ms
28ms Image
image/jpeg 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hd.stheadline.com/images/fl/logo_12.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

c5a6b2a1e55e92c33f977bbd6f047cdec63b8fc1d87de48ea0201fed7a40ed64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/css/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:10 GMT
via: cache7.l2de2[0,0,304-0,H], cache6.l2de2[1,0], cache10.de3[3,3,200-0,H], cache1.de3[6,0]
x-content-type-options: nosniff
age: 20
x-cache: HIT TCP_REFRESH_HIT dirn:13:606025824
x-swift-cachetime: 100
x-swift-savetime: Tue, 11 Jan 2022 16:25:30 GMT
content-length: 3434
x-xss-protection: 1; mode=block
server: Tengine
etag: "58b3fa97-d6a"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1641918310
content-type: image/jpeg
cache-control: max-age=300, max-age=300
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19516419183302065694e
expires: Tue, 11 Jan 2022 16:30:10 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 121ms
36ms Script
application/javascript 13.33.240.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: hd.stheadline.com
URL: https://hd.stheadline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.240.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-240-11.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 04:58:29 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 41245
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2927b5fd4ddd05be6a9ce18058f195ee.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
x-amz-cf-id: DL-A0vhOc0PK4C9G9bLqfDgmzI1Jyw5cPspZLvkYVQSXxjFsBnSdBw==

GET
H2 200 s99690243459771
singtaolimited.sc.omtrdc.net/b/ss/singtaolimitedheadline.daily.website.prd/1/JS-2.10.0-LBWB/ 43 B
393 B 80ms
17ms Image
image/gif 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://singtaolimited.sc.omtrdc.net/b/ss/singtaolimitedheadline.daily.website.prd/1/JS-2.10.0-LBWB/s99690243459771?AQB=1&ndh=1&pf=1&t=11%2F0%2F2022%2016%3A25%3A29%202%200&mid=51312170198466708131535773086328010911&aamlh=6&ce=UTF-8&pageName=%E9%A0%AD%E6%A2%9D%E6%97%A5%E5%A0%B1&g=https%3A%2F%2Fhd.stheadline.com%2F&cc=HKD&ch=%E4%B8%BB%E9%A0%81&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=%E9%A0%AD%E6%A2%9D%E6%97%A5%E5%A0%B1&c2=D%3Dv2&v2=https%3A%2F%2Fhd.stheadline.com%2F&c3=D%3Dv3&v3=%E4%B8%BB%E9%A0%81&c4=D%3Dv4&c5=D%3Dv5&v5=%E4%B8%BB%E9%A0%81&c6=New&c7=New&c8=%2C%2C%2C&v8=51312170198466708131535773086328010911&c9=38&c10=51312170198466708131535773086328010911&c11=16&c12=Tuesday&c13=2&c14=Weekday&c15=11&c17=1&c18=2022&c22=D%3Dv22&c23=D%3Dv23&c27=D%3Dv27&c28=D%3Dv28&c29=D%3Dv29&c30=D%3Dv30&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=E1E31A3C5BB4BED90A495E47%40AdobeOrg&AQE=1

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:30 GMT
x-content-type-options: nosniff
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 12 Jan 2022 16:25:30 GMT
server: jag
xserver: anedge-cdfbd77b-cd99b
etag: 3525992765055008768-4619788622609569299
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 10 Jan 2022 16:25:30 GMT

GET
H3 200 ads.min.js Show response
code.hot-mob.com/api/javascript/sdk4/lib/ 492 B
1 KB 54ms
37ms Script
application/javascript 2606:4700:3035::6815:524
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.hot-mob.com/api/javascript/sdk4/lib/ads.min.js
Requested by: Host: code.hot-mob.com
URL: https://code.hot-mob.com/api/javascript/sdk4/hotmobtag_min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:524 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af0c68f31bfe3eb2d22a56b6b42eb08185d624a7551f0faca4e9426956e9046c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=YS5r+w==, md5=s9K6nsshqh0uFjOd/I6UjQ==
date: Tue, 11 Jan 2022 16:25:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 741710
x-guploader-uploadid: ADPycdtvjBUFRhzkEebuwTQuMSOzsvu4igqRkP4osBAhlRbsAaS2xI9kg9m6vheUCrTVFCxgGqx4F2B11Lsm25HEalmC9GXgXg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 03:02:59 GMT
server: cloudflare
etag: W/"b3d2ba9ecb21aa1d2e16339dfc8e948d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Qjnh9wk4w407rrR8PrKyGaf5eHJp1J%2FT20tm0UwoD9eg1HmaVX8TyvH%2BpEzh%2FsSlJ3IaclCKcjYUENvUkErhPZNMFAPL7BxsfA6CLkIHte3wFyWjj%2FURDvirSYtKjBl%2B%2Ffnua8Kc5tC8IGDhfLT"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1637636578987916
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 298
cf-ray: 6cbf805d39082b71-FRA
expires: Mon, 03 Jan 2022 03:23:40 GMT

GET
H2 200 getThirdPartyTracking Show response
webapi.hot-mob.com/api/cookie/ 405 B
824 B 308ms
293ms Script
application/javascript 2606:4700:3035::6815:524
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webapi.hot-mob.com/api/cookie/getThirdPartyTracking?r=0.1536611100037335
Requested by: Host: code.hot-mob.com
URL: https://code.hot-mob.com/api/javascript/sdk4/hotmobtag_min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:524 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fc5d62b3d260233c10faa4804563d1c5a631ced8b52cf7b2168401fe3b9a2d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:30 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6cbf805d3b0c4e14-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrYdG4yk562CnJIaVX2usLGJ%2BRoR3FauRQV9gh87gpAQIyV0jlj%2FID081sollxVzt06JRuo9DLcPxH86V37THlcXz8PL7DVBVjIw4SEW%2FtYAu%2F%2Bj7Y%2B%2FQnmK0EeYJ9D4Neo%2BYQ3WphsoI2sIeN9fOls%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 style.min.css
code.hot-mob.com/api/javascript/sdk4/css/ 15 KB
6 KB 47ms
34ms Stylesheet
text/css 2606:4700:3035::6815:524
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.hot-mob.com/api/javascript/sdk4/css/style.min.css?r=1
Requested by: Host: code.hot-mob.com
URL: https://code.hot-mob.com/api/javascript/sdk4/hotmobtag_min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:524 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c54a9da34590cbc4ac016796cef4050d5bf8a94b1ed94ed89d86b9ebaebab6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=Jua7pA==, md5=Wcz9uc9Mvqv9+PEpgK8KoQ==
date: Tue, 11 Jan 2022 16:25:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 551908
x-guploader-uploadid: ADPycduvSPu-knQVLQMW4Kkk0OdmCSrS1DXex-dYW0a6r52SVkrPfOcZ9iDQu4JKye6r-G-7BfkGTUWyWagRo0_e13M
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 03:02:57 GMT
server: cloudflare
etag: W/"59ccfdb9cf4cbeabfdf8f12980af0aa1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rF0tYnHXXlKBnJf4Fy18aIRFhWmfPNPdLiZJo4AaO8qGQp00LB6YAoHFo9p0ZMbR1bxRfUB0uqWKrzpNLZ5pW09JNwGOID1dRArP3PlOfYO6aOk6rf44cbDXaRwOi3g%2BQ5Vu4MqRJU10EflR436T"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1637636576895061
content-type: text/css
cache-control: public, max-age=3600
x-goog-stored-content-length: 5416
cf-ray: 6cbf805d39042b71-FRA
expires: Wed, 05 Jan 2022 08:07:02 GMT

GET
H3 200 style.publisher.min.css
code.hot-mob.com/api/javascript/sdk4/css/ 1 KB
1 KB 50ms
37ms Stylesheet
text/css 2606:4700:3035::6815:524
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.hot-mob.com/api/javascript/sdk4/css/style.publisher.min.css
Requested by: Host: code.hot-mob.com
URL: https://code.hot-mob.com/api/javascript/sdk4/hotmobtag_min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:524 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0186d7dbb38f18caf3f953f0b546a19de826fec6ce09d274c4b88f0ad2ed42d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=U92Cxw==, md5=k/z7tDKiT9sko9bgKHdwUg==
date: Tue, 11 Jan 2022 16:25:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1870453
x-guploader-uploadid: ADPycdtZKRORf3XkvLC-5Mx_lxiD83K4x0zMGM4gsTXN9sudwgnzjU8V1SuPS7aYJgtWkrYquVhHq_7rQHZpPTTlhIk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 03:02:56 GMT
server: cloudflare
etag: W/"93fcfbb432a24fdb24a3d6e028777052"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvz2eAGg5Ic7v%2B9%2BjVRKST07TTHjPYZw56Qnl%2BnJ8keA1Buz8q6Jm7jVpWjahLXQD%2BVJxiveSqmQFCmuss2NzyzcQrwZEA4xd5NFmSI9reqBGp8uAhe9d74h6q0i%2BLaihm2aHtwu7NSZiNo0pLOH"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1637636576642413
content-type: text/css
cache-control: public, max-age=3600
x-goog-stored-content-length: 506
cf-ray: 6cbf805d39062b71-FRA
expires: Tue, 21 Dec 2021 01:51:17 GMT

GET
H2 200 pubads_impl_2022010407.js Show response
securepubads.g.doubleclick.net/gpt/ 352 KB
119 KB 186ms
46ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

d4d964d6d34df7fde3554039d33b468b74afee14d6526a87b926688f0fc8d93c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120967
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 16:13:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 11 Jan 2022 16:25:30 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 117 B
737 B 181ms
43ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hd.stheadline.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

7ab06dbd04b0f54e6cbf1dcd3fda5fd5cfc3e38295d3ef318cda7f61d89aa554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 11 Jan 2022 16:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101
x-xss-protection: 0
expires: Tue, 11 Jan 2022 16:25:30 GMT

GET
H3 200 9HenzIxlyhW.css
www.facebook.com/rsrc.php/v3/ys/l/0,cross/ Frame DFF7 29 KB
7 KB 34ms
23ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/ys/l/0,cross/9HenzIxlyhW.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1f654ff81d90829e1920bb91b7b84655ab7f4b2ed4651b56af4a831b57175dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 16:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: c/jg+vBUo572hFqZIBN2EQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 7257
x-fb-rlafr: 0
x-fb-debug: BMeoSX0+0908yM9y6Hf4MdM/jpiq6X1LUyIVnkkHOzMnzrU/pf4q4IZhS6kVAZDz+teBY21JTCZnlJIq1t7MyA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 10 Jan 2023 16:17:46 GMT

GET
H3 200 rri5ZqHVZQR.css
www.facebook.com/rsrc.php/v3/y1/l/0,cross/ Frame DFF7 442 KB
120 KB 28ms
18ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y1/l/0,cross/rri5ZqHVZQR.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e4d155acf1abecab0cb5a30645627a2742ff9ef0a52236ccaad865d2c095bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 05:07:39 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Mgtmp+aVQOsSis4/vskuiQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 122893
x-fb-rlafr: 0
x-fb-debug: SDcmXh9u9PuZoZDTdFStWRbvX+vz/ObZha+0Q+gvqfJmhNU8dsKA7D9MGZQrhCf6KBijwoQNBekvxsJfYgx1EQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 Jan 2023 05:07:39 GMT

GET
H3 200 QT_vCRq1ZJm.css
www.facebook.com/rsrc.php/v3/yk/l/0,cross/ Frame DFF7 48 KB
8 KB 27ms
18ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yk/l/0,cross/QT_vCRq1ZJm.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d6976e476e123e4bffc2de205b099a993e52b3aa858c5e9006571f55d1f28f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 16:16:07 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mU90qpiqkK2OBO0c2mFCYg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 8596
x-fb-rlafr: 0
x-fb-debug: PBOiXJFZTRBex9wCRcyZS+CnOTpgmmKcn1Z7hzA8o8qKiQJdsWYHwwHzDQeFQ7P3bHbS6rovNFuEKsXjtfKuAw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 10 Jan 2023 16:16:07 GMT

GET
H3 200 yGH_rZQkNRw.js Show response
www.facebook.com/rsrc.php/v3/yN/r/ Frame DFF7 307 KB
83 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

41b646a874e4cc09d73c01cf2a4698fbd6285896e649662e4973ea6db703d05d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 18:18:18 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xEaDuUVh0vfXFxx41ZNPDQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 84561
x-fb-rlafr: 0
x-fb-debug: XxYMv55oM7CmyS8t48k//6ZdZfTh2UA4S2ymEtMYCSk2Ok3bcj1FMTlSr0aW7dZKPH9go1vj59kDUzdpQXHeOg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 07 Jan 2023 18:18:18 GMT

GET
H3 200 VljknB91j2C.js Show response
www.facebook.com/rsrc.php/v3irVO4/yY/l/de_DE/ Frame DFF7 241 KB
64 KB 27ms
18ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3irVO4/yY/l/de_DE/VljknB91j2C.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9311c7873a02cb0b3e5d466e56bf4933ea8696c5457b02c1fd2f53980ebc393

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 02:56:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: G/mbvyK5sPnAgJSke9AT3Q==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 65445
x-fb-rlafr: 0
x-fb-debug: 8j2mnd3mXiWHjUlOrk/gXWg8wOmyqfkC3zZN3M/MmY2jMs00Wz5e7uIFnD58uXCG3ddPcfdE8jyC8NYwxc6mLQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Jan 2023 02:56:37 GMT

GET
H3 200 wxOELSdSPB0.js Show response
www.facebook.com/rsrc.php/v3iCc54/y5/l/de_DE/ Frame DFF7 623 KB
151 KB 29ms
19ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iCc54/y5/l/de_DE/wxOELSdSPB0.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

155f625e79fa569cad97651cd9d39d32268a6418b91624edda7fb2da8382600e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 02:56:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6iLlAYgA3kbhqtrDZQyoKg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 154342
x-fb-rlafr: 0
x-fb-debug: G7r8qJQvvwI3lGWJZ21K8PBddNeCTyS4nAAZBVYzcPg7yKTK+mdCv0UvRorvBZc2gI0FtNi3yk2vUUTSg5ACDA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Jan 2023 02:56:38 GMT

GET
H3 200 Y5NoR4wdVol.js Show response
www.facebook.com/rsrc.php/v3/yQ/r/ Frame DFF7 281 KB
64 KB 31ms
22ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yQ/r/Y5NoR4wdVol.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef8f1c9df6d6e8d508fdef7fbcb913c09b82bbafa56ecafbf985bbb4e6b3ed43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 02:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: XffN5EXDQaW3Kp0UvNZDmQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 65835
x-fb-rlafr: 0
x-fb-debug: Wv32HNuc6smZ96jkaqWueOwwAzC7OUfUaq9iKP661DVPDCrLbub2b5Ic/HrAHckFNS6F9pGVAC/GhbmUJ+Gdaw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 Jan 2023 02:38:02 GMT

GET
H3 200 p0YaW_oTHqi.js Show response
www.facebook.com/rsrc.php/v3ii-j4/yr/l/de_DE/ Frame DFF7 69 KB
18 KB 28ms
19ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3ii-j4/yr/l/de_DE/p0YaW_oTHqi.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b349ada854332ff15dbf6d82d353d51ecbf87e99d510616509ad7cfc1707ff00

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 17:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: VLxHVdRzlNBa9+dlOHYmFg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 18772
x-fb-rlafr: 0
x-fb-debug: daJ5kxenJ+qx99ekjilgjJeV7Dp5jGmwYdEgDroQ/krO3o52KqPbCtcfOZ8Hb/15SEVwRM5tU+4QTkt7Eo16RQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Jan 2023 17:12:53 GMT

GET
H3 200 _9WJaiWLfkG.js Show response
www.facebook.com/rsrc.php/v3/yo/r/ Frame DFF7 212 KB
53 KB 33ms
24ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yo/r/_9WJaiWLfkG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a36bc631b6fef3fd0b6fc60dc0e5596ea7c88ba69583cb6bb85748ee46ea63b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 00:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: UkTKqEKD0w7ADBdMBx2FBA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 54317
x-fb-rlafr: 0
x-fb-debug: gekRN6CeX31RKZbMnIdXILP3YCWawpZKqYd8oTOVVQhlBygYSd7NZTAi9me338zga/AuGHwTkZL5AGobUVtgUg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 06 Jan 2023 00:44:20 GMT

GET
H3 200 _vVKDBqmNLe.js Show response
www.facebook.com/rsrc.php/v3/yZ/r/ Frame DFF7 22 KB
7 KB 33ms
24ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yZ/r/_vVKDBqmNLe.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3b5d1371a61f1ae375b96295edce15313a3caf6bc1db273b519fb592fc9a7aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 16:16:07 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4fBDHXaglN+cllqsHO4PdA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 6812
x-fb-rlafr: 0
x-fb-debug: DlR5g58RTMslA09a1imB9HEbBgsiORo9R7YJlUFeW6SrebLV3jjCajdUoaCA/7FtJfY4PcUwPmvdIetDCIkofA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 10 Jan 2023 16:16:07 GMT

GET
H3 200 HvnktSSZnUp.js Show response
www.facebook.com/rsrc.php/v3/yg/r/ Frame DFF7 100 KB
27 KB 36ms
27ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yg/r/HvnktSSZnUp.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f77f40e81155853df72552dcab43624fc5f623805fef9eccc12b201d4fadc6cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 02:53:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: iM0Qrn6XXMBtIlMqaocgAQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 27982
x-fb-rlafr: 0
x-fb-debug: kyHE+ALXAYMFKaQyLQQFdLjjpcpWNoud7xo5J7g7gLBMvU7c7Q84YG3srEAylm6Q6pAd8S0OQ9uZZnYjXe93bg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Jan 2023 02:53:40 GMT

GET
H3 200 PlpH2j7Hw1D.js Show response
www.facebook.com/rsrc.php/v3iqhx4/yb/l/de_DE/ Frame DFF7 741 KB
162 KB 42ms
33ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iqhx4/yb/l/de_DE/PlpH2j7Hw1D.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

53dd9835f718eeba7aca069375da3717cd8a429e02d01e6ab49eccc272f0f8ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 00:18:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: IO5SCn/wNw8/DLqp/UFT8Q==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 166003
x-fb-rlafr: 0
x-fb-debug: 1Q06o/3i0wwCHkymKAACvI+mBz0xnqwqs2BQ7V/JAH+r4j2vn8YvQCT/90TgNGqK/WfiS+mKUhnbZgj1azVu9w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 07 Jan 2023 00:18:56 GMT

GET
H2 200 271706613_624337615347466_9105808887291147430_n.jpg
scontent-zrh1-1.xx.fbcdn.net/v/t15.5256-10/s851x315/ Frame DFF7 34 KB
34 KB 110ms
70ms Image
image/jpeg 2a03:2880:f05b:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-zrh1-1.xx.fbcdn.net/v/t15.5256-10/s851x315/271706613_624337615347466_9105808887291147430_n.jpg?_nc_cat=111&ccb=1-5&_nc_sid=08861d&_nc_ohc=BdJ2s2Bl7k4AX_fQHZ7&_nc_ht=scontent-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT-Xy0l12iIkkVvK4rI_iSLK-BQ9lOldJfZNhtdI1XARSA&oe=61E2A232
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f05b:10:face:b00c:0:3 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2b3d0642830517ec7f5641a27c2ad597eeebb78408f005896115bb2f260f6670

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum: 42683069
date: Tue, 11 Jan 2022 16:25:30 GMT
x-fb-trip-id: 1679558926
last-modified: Tue, 11 Jan 2022 08:57:10 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: ndaB_Mh1y2GaEBI0Vs4cmzLj0HItwTM503H7H6zX_nC4YHRbxVwQMmhB9CV9CiiipXVFETgTzk5-HW87aRIT7g
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2696468129
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 34927

GET
H2 200 13512102_1021697101213539_4009711389994147473_n.jpg
scontent-zrh1-1.xx.fbcdn.net/v/t1.18169-1/cp0/p40x40/ Frame DFF7 2 KB
2 KB 30ms
12ms Image
image/jpeg 2a03:2880:f05b:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-zrh1-1.xx.fbcdn.net/v/t1.18169-1/cp0/p40x40/13512102_1021697101213539_4009711389994147473_n.jpg?_nc_cat=103&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=gJX-9eVXOCsAX_O2Fuy&_nc_oc=AQk1E20Gq0RCWw1fIGUZ3rIdXLP_FuikeDHPfshsa-DR1ct1r0nRKvg7zOJZ2KHHUVIC13edoPI67ad0s6JhEPdk&_nc_ht=scontent-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT-L-QgsbufrQ7ZGNvPzC2PRkmPGxNMgjeWcaQ8qp6RAjQ&oe=620535DD
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f05b:10:face:b00c:0:3 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: c005512a2be02eae5769fc3624147b1fe1c0d1127ada713c5d83f54dccfe47f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum: 1318572011
date: Tue, 11 Jan 2022 16:25:30 GMT
x-fb-trip-id: 1679558926
last-modified: Sat, 02 Jul 2016 07:10:28 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 279103742
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1677

GET
H3 200 all.js Show response
connect.facebook.net/zh_HK/ 291 KB
82 KB 37ms
25ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_HK/all.js?hash=b38d31f3e329740ccc502450c6989f06

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6015d633930297d1d79fca4175699fe4a8b4c2ffc5bd2a284c08420e92e4d2f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hd.stheadline.com/
Origin: https://hd.stheadline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: GrIevJ0oKS2/fz6XheucuA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83617
x-fb-rlafr: 0
x-fb-debug: u0nHdGzoOzCJelGzNQtQjClU5zWgxqJwNycFmKpvTD2bHqI8tqXs5T8iNNgDTtzvdvUJSeTvQXd9KAf8u8+lbQ==
x-fb-content-md5: ec89d1e6cbdf33de5b4061e1f4bd305d
x-frame-options: DENY
date: Tue, 11 Jan 2022 16:25:30 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "b9e3f62dc79230401c9500c98458d48b"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 Jan 2023 15:13:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 130ms
38ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3HQTH7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3036
date: Tue, 11 Jan 2022 15:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 11 Jan 2022 17:34:54 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=9053246&c3=&c4=&ns__t=1641918329807&ns_c=UTF-8&cv=3.5&c8=%E5%8D%B3%E6%99%82%20%E6%97%A5%E5%A0%B1%20%E5%B0%88%E6%AC%84%20h1.hk%20%E4%BB%BB%E7%9D%87no.1%20%...
https://sb.scorecardresearch.com/b2?c1=2&c2=9053246&c3=&c4=&ns__t=1641918329807&ns_c=UTF-8&cv=3.5&c8=%E5%8D%B3%E6%99%82%20%E6%97%A5%E5%A0%B1%20%E5%B0%88%E6%AC%84%20h1.hk%20%E4%BB%BB%E7%9D%87no.1%20...

0
224 B

56ms
55ms

Image
text/plain

13.33.240.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=9053246&c3=&c4=&ns__t=1641918329807&ns_c=UTF-8&cv=3.5&c8=%E5%8D%B3%E6%99%82%20%E6%97%A5%E5%A0%B1%20%E5%B0%88%E6%AC%84%20h1.hk%20%E4%BB%BB%E7%9D%87no.1%20%7C%20%E9%A0%AD%E6%A2%9D%E6%97%A5%E5%A0%B1&c7=https%3A%2F%2Fhd.stheadline.com%2F&c9=
Requested by: Host: hd.stheadline.com
URL: https://hd.stheadline.com/
Protocol: H2
Server: 13.33.240.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-240-11.hel50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:30 GMT
via: 1.1 2927b5fd4ddd05be6a9ce18058f195ee.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: iwfhte38vKqKZr3T9yRAeknxIx3NrViamkHRmXaXDUSjs4Tcu8zJTg==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 11 Jan 2022 16:25:30 GMT
via: 1.1 2927b5fd4ddd05be6a9ce18058f195ee.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=9053246&c3=&c4=&ns__t=1641918329807&ns_c=UTF-8&cv=3.5&c8=%E5%8D%B3%E6%99%82%20%E6%97%A5%E5%A0%B1%20%E5%B0%88%E6%AC%84%20h1.hk%20%E4%BB%BB%E7%9D%87no.1%20%7C%20%E9%A0%AD%E6%A2%9D%E6%97%A5%E5%A0%B1&c7=https%3A%2F%2Fhd.stheadline.com%2F&c9=
content-length: 303
x-amz-cf-id: 723hQbQuCr5JZ4xKukL6K-xfn-2Mj5vRmTUxBhCK_cIFI_jkP0LZBA==

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 1800 0
214 B 711ms
167ms Image
text/plain 8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404&puid=51744879261176482361561322553908381230&gdpr=0&gdpr_consent=
Requested by: Host: hd.stheadline.com
URL: https://hd.stheadline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://singtaonewscorp.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5daa34953a867809056448757b76591b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 35ms
35ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=978368502211772&input_token&origin=1&redirect_uri=https%3A%2F%2Fhd.stheadline.com%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/all.js?hash=b38d31f3e329740ccc502450c6989f06

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: hUfjnTiDqgkI/b86VG+qQ4s2hbcAjLXIcKNIOfZLdIpNoIax+Se2SHBLedkTkYiiegQ+Sk7pDn+fI+1fLWkk2Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Tue, 11 Jan 2022 16:25:30 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hd.stheadline.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEN-TVvO1L4vxY-LK6PAQ-Lw&google_cver=1
dpm.demdex.net/ Frame 1800
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTE3NDQ4NzkyNjExNzY0ODIzNjE1NjEzMjI1NTM5MDgzODEyMzA=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTE3NDQ4NzkyNjExNzY0ODIzNjE1NjEzMjI1NTM5MDgzODEyMzA=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEN-TVvO1L4vxY-LK6PAQ-Lw&google_cver=1?gdpr=0&gdpr_consent=

42 B
945 B

40ms
35ms

Image
image/gif

52.18.187.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEN-TVvO1L4vxY-LK6PAQ-Lw&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

HTTP/1.1

Server

52.18.187.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-187-187.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://singtaonewscorp.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v026-0beba7042.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: kAxrvmL2Tek=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 11 Jan 2022 16:25:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEN-TVvO1L4vxY-LK6PAQ-Lw&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 w4sQHycLhWE.png
www.facebook.com/rsrc.php/v3/y4/r/ Frame DFF7 20 KB
20 KB 15ms
10ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y4/r/w4sQHycLhWE.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y1/l/0,cross/rri5ZqHVZQR.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8a7856e4cf81821b7092b348542a84ea84eb600a0cfa78ff68c9cec1b1ce88a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/rsrc.php/v3/y1/l/0,cross/rri5ZqHVZQR.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 16:10:57 GMT
x-content-type-options: nosniff
content-md5: XHNSWoPxbPZ8IyHDD6wrLQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 20602
x-fb-rlafr: 0
x-fb-debug: TCvMbgd/Pyl/v02fREo/a1lWilCSXWzGO24UYgRqyVimrEvrSD81ip6wvkyqmdLznP8WG7NqeMAUpAicQC0EBw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 06 Jan 2023 16:10:57 GMT

GET
H2 200 10000000_141607838292060_4815298746618378746_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 928 B
988 B 133ms
13ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_141607838292060_4815298746618378746_n.mp4?_nc_cat=100&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF90cmltbWVkX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=yrj2EiuT3fkAX-9s_fy&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT_p7NmJI06BP6-ZSRMC_aSf-4lT7ugUPHfplEZxq0k6Jg&oe=61DDCC16&bytestart=0&byteend=927
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iCc54/y5/l/de_DE/wxOELSdSPB0.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a28923a2362fa0f04746bb03e4c57f00f02b5b136f347bdf790a140dcf0061c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:31 GMT
x-fb-trip-id: 207616858
last-modified: Tue, 11 Jan 2022 09:35:12 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 928

GET
H2 200 10000000_141607838292060_4815298746618378746_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 11 KB
11 KB 131ms
13ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_141607838292060_4815298746618378746_n.mp4?_nc_cat=100&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF90cmltbWVkX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=yrj2EiuT3fkAX-9s_fy&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT_p7NmJI06BP6-ZSRMC_aSf-4lT7ugUPHfplEZxq0k6Jg&oe=61DDCC16&bytestart=928&byteend=12299
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iCc54/y5/l/de_DE/wxOELSdSPB0.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 84fabbb79a7c4d6f1d57e2d886fb500a9a672c7e6c1f36b4fe7102df64698e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:31 GMT
x-fb-trip-id: 207616858
last-modified: Tue, 11 Jan 2022 09:35:12 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 11372

GET
H2 200 10000000_141607838292060_4815298746618378746_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 41 KB
41 KB 127ms
13ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_141607838292060_4815298746618378746_n.mp4?_nc_cat=100&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF90cmltbWVkX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=yrj2EiuT3fkAX-9s_fy&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT_p7NmJI06BP6-ZSRMC_aSf-4lT7ugUPHfplEZxq0k6Jg&oe=61DDCC16&bytestart=12300&byteend=53959
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iCc54/y5/l/de_DE/wxOELSdSPB0.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 5f35277b207d775c5174f66814fa4328c030088dfe82b20c71f0adb2f338ae6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:31 GMT
x-fb-trip-id: 207616858
last-modified: Tue, 11 Jan 2022 09:35:12 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 41660

GET
H2 200 10000000_668004417721209_7149902939002655879_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 880 B
1 KB 124ms
12ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_668004417721209_7149902939002655879_n.mp4?_nc_cat=1&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF90cmltbWVkX2ZyYWdfMl9hdWRpbyJ9&_nc_ohc=-MBCdEZXRgUAX-A7e_G&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT8U3SYrcw_XrA_Dd2GTYjPXtOfUbvAVLDCP0eAhlJ28rw&oe=61DDD082&bytestart=0&byteend=879
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iCc54/y5/l/de_DE/wxOELSdSPB0.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 3a6ab3556729fd2cc0898dd3ff7aca936674d7c7b48129b972ee5c9cd386c330

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:31 GMT
x-fb-trip-id: 207616858
last-modified: Tue, 11 Jan 2022 09:35:11 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 880

GET
H2 200 10000000_668004417721209_7149902939002655879_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 11 KB
11 KB 124ms
12ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_668004417721209_7149902939002655879_n.mp4?_nc_cat=1&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF90cmltbWVkX2ZyYWdfMl9hdWRpbyJ9&_nc_ohc=-MBCdEZXRgUAX-A7e_G&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT8U3SYrcw_XrA_Dd2GTYjPXtOfUbvAVLDCP0eAhlJ28rw&oe=61DDD082&bytestart=880&byteend=12251
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iCc54/y5/l/de_DE/wxOELSdSPB0.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 354ad57c60e13889258605085cf85a04287c81e01249cee0905488c5c2d0d5d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:31 GMT
x-fb-trip-id: 207616858
last-modified: Tue, 11 Jan 2022 09:35:11 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 11372

GET
H2 200 10000000_668004417721209_7149902939002655879_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 16 KB
16 KB 124ms
12ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_668004417721209_7149902939002655879_n.mp4?_nc_cat=1&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF90cmltbWVkX2ZyYWdfMl9hdWRpbyJ9&_nc_ohc=-MBCdEZXRgUAX-A7e_G&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT8U3SYrcw_XrA_Dd2GTYjPXtOfUbvAVLDCP0eAhlJ28rw&oe=61DDD082&bytestart=12252&byteend=28264
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iCc54/y5/l/de_DE/wxOELSdSPB0.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 5140ffadcbe20be10c2e123286833078362c1447e8e2c1cd5a2865e87872481b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:31 GMT
x-fb-trip-id: 207616858
last-modified: Tue, 11 Jan 2022 09:35:11 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 16013

GET
H3 200 cKWAtuxHlF_.js Show response
www.facebook.com/rsrc.php/v3/yS/r/ Frame DFF7 345 KB
68 KB 11ms
11ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yS/r/cKWAtuxHlF_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5dda745de712d683aec1ffb43b6652c3f66a987365d10e766b5a4425fece998b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 01:18:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q95kzkCLVhF8y5c7WYkwOQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 69104
x-fb-rlafr: 0
x-fb-debug: ODo7AWJ0EO/hN4VZAcLo6Ci+EV7mD0pAGq8/rmBMXN0cQTj0rNm0CWtYgWtCi6qgXu35b9FAwlmJiZQqkV14HA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 Jan 2023 01:18:08 GMT

GET
H3 200 le3R2Pg4FSr.js Show response
www.facebook.com/rsrc.php/v3/yd/r/ Frame DFF7 8 KB
3 KB 16ms
15ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yd/r/le3R2Pg4FSr.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b18a2cce3029f2fcbd102787aa9f74bd9e05ee995f8bbee4f88d0a98bde18d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 17:28:04 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cfszjjYzW0B+t9KV7nfxiQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 3073
x-fb-rlafr: 0
x-fb-debug: btl5JaK7eH2se3VRlHPwHe9UQ6wqnUaVr6ELaF3c8TTIcKeFiOG+y2/kR9RsarGM8Vn3ksAsOMPBFQaqbfGb/w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 07 Jan 2023 17:28:04 GMT

GET
H3 200 nV76XdQYhPL.js Show response
www.facebook.com/rsrc.php/v3iqIa4/y6/l/de_DE/ Frame DFF7 97 KB
18 KB 17ms
16ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iqIa4/y6/l/de_DE/nV76XdQYhPL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c2d67d3acdb757568521a41e43c61a273f43faee68fc74f41775b3d4039f0df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 02:56:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Jz7SSRKLdUffeAWK8Jhzxg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 18598
x-fb-rlafr: 0
x-fb-debug: F3m4XDvXxShpg8ZxAJTA/XshpHivkZSkH00nBXJEKKfwih1/Sje6YqhomHibDmkhHVIcxIHycWajid3j15OUrg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Jan 2023 02:56:38 GMT

GET
H3 200 XfbBBhOB2AN.js Show response
www.facebook.com/rsrc.php/v3i1MJ4/y2/l/de_DE/ Frame DFF7 80 KB
22 KB 21ms
19ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3i1MJ4/y2/l/de_DE/XfbBBhOB2AN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec88316f64caf440acbab01fe2b751fded5d133c32a6936e250112a3d5e01124

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 00:58:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8Q7VZD8KcD1qVEovMDo2GQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 21966
x-fb-rlafr: 0
x-fb-debug: kOZLS2c2NeaOyn69TkRbTycY2bhCrOb+C7wPO+Z/A2KMH5eNgfwZjGImhRx4rfUDFRHnoERf3NSHjvqcXCZIyw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 08 Jan 2023 00:58:33 GMT

GET
H3 200 My_Eku9sLlq.js Show response
www.facebook.com/rsrc.php/v3irIT4/yJ/l/de_DE/ Frame DFF7 526 KB
129 KB 25ms
23ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3irIT4/yJ/l/de_DE/My_Eku9sLlq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

186b0f1f58079b0b5e78f51cdc5ee37c612ecb7b90b8cc8f362e8f41c31cf106

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 00:58:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: espFBrLN9opWSgMMD/yrXw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 131756
x-fb-rlafr: 0
x-fb-debug: HARKmYB6P1KxUx02hNi6hp3N/jing9Zv4JyCETwtFnMKuCK1YrMCr9H8nwbL0zzXAsooFpdWU2vmgV1f38m3Fg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 08 Jan 2023 00:58:33 GMT

GET
H3 200 A4E_cnpyIQY.js Show response
www.facebook.com/rsrc.php/v3i6rW4/y3/l/de_DE/ Frame DFF7 1 MB
205 KB 27ms
24ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3i6rW4/y3/l/de_DE/A4E_cnpyIQY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c8373be4a808d2ee982d4f9df771ac0831502399ad3e2aa59f77bce16ce70305

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 05:14:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kBrnbGv7eoccRanrtuudMA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 209582
x-fb-rlafr: 0
x-fb-debug: Uc+yEIC6up3iyF3a/ZZTGxk6mFNFjrCck9OZSiSsh/d0YjKuQwvqf6a16WF023mx2UtaWJ8gRIalKCtS5Nf2ng==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 Jan 2023 05:14:56 GMT

GET
H3 200 NULdaVptLdT.js Show response
www.facebook.com/rsrc.php/v3iGu04/yO/l/de_DE/ Frame DFF7 10 KB
3 KB 27ms
25ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iGu04/yO/l/de_DE/NULdaVptLdT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

60a07b1b77cbe851e4372f32eb3df625cc77865897dcf4a256f20a66ef8949d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:36:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8JsdF8HOOOcOINLU2EVWCg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 3083
x-fb-rlafr: 0
x-fb-debug: 7uMuwZSzEYKPSJeBF+GP79snWU9UXjuQile/GhjHdCBOWRa8cpK2MVcWXny6C0ex8wfxAWYc943r3sTRhA/CgA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 17:36:55 GMT

GET
H3 200 gQgC4gyA0uZ.js Show response
www.facebook.com/rsrc.php/v3/yL/r/ Frame DFF7 3 KB
1 KB 53ms
48ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yL/r/gQgC4gyA0uZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e8b176ae4ed952c964e4096c8e8943b2a805d9f6ec2facc88ef6d9e968d88b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 15:31:09 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +icsu88rHqM8qJxise7hVA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 1023
x-fb-rlafr: 0
x-fb-debug: riujUxo0s3d6SBN2OPLNiuphKEG0Erepn8dUTSDt7ZI+/2z+Ahp/oOhNCBVg617Y2DBtDW/7+AF7f7Z5VNjNUg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 08 Jan 2023 15:31:09 GMT

GET
H3 200 3Mb0B1dM3Ql.js Show response
www.facebook.com/rsrc.php/v3/y0/r/ Frame DFF7 440 B
330 B 56ms
51ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y0/r/3Mb0B1dM3Ql.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fea8f1d76f02ab2bde8bcf37f16c17ad649b1d61414fca044000844654ec3d38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 02:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cQBd37BjRtSvMDaCN7Xd3g==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 268
x-fb-rlafr: 0
x-fb-debug: Nja3yLpjQMN1uRRwwfhkS0HhKzRkI7nYJjqge3hni/rbu+J7GautabomH45KmKmvmakCuz4ZAGjiquXHqkd/Dg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 Jan 2023 02:38:03 GMT

GET
H3 200 hO_RyJBGuQ0.js Show response
www.facebook.com/rsrc.php/v3/yJ/r/ Frame DFF7 747 B
453 B 56ms
51ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yJ/r/hO_RyJBGuQ0.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

29ff702612f2e6319d6615d64bc6ee97f40bef138e6cca812347bea41cc5a3c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 02:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6JpkD1MjBIAFSaOfYllLFQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 391
x-fb-rlafr: 0
x-fb-debug: 7J1urGXr09p0N93CBlW+7ejxFtoq6goiTVYK2W/Ba4xY7Kd48lrb8uHEcMkc8AvSBt6CvnpIQT5g9ye0EheQ6Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 Jan 2023 02:38:03 GMT

GET
H3 200 7nFrQY33uCe.js Show response
www.facebook.com/rsrc.php/v3/yg/r/ Frame DFF7 594 B
400 B 58ms
53ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yg/r/7nFrQY33uCe.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c59a112420dbd9dfe93cef3cc5748a877d60f03e8441fb506f908459e21e769e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 02:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: tbkAUI1caRl4MZwkEmXpwQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 338
x-fb-rlafr: 0
x-fb-debug: P2cfCq3eor1oVSXjJtgTGUbXC15F1BBp23GOvf6dwZ0vOq10RUbRckInDXbqDF8x2jCkn3uRcubGe/0l22LZ+Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 Jan 2023 02:38:03 GMT

GET
H3 200 5W47k1m7BTD.js Show response
www.facebook.com/rsrc.php/v3/yr/r/ Frame DFF7 402 B
329 B 61ms
56ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yr/r/5W47k1m7BTD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16212a75f90159d6f7fef0c466fb03e911b88841b1f57840834c10339bdae399

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 02:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: PmwCBV39zIA4L72/t5orvQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 267
x-fb-rlafr: 0
x-fb-debug: Q8DUZkvc+JH2gYFC/l9DgaPzpy6u7OsYz05g/JxEPZpUtl0X68zxH2jIs+jZsj1BWYecz/Gjv+InjNWFoTIKTw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 Jan 2023 02:38:03 GMT

GET
H3 200 BBmepZypaVk.js Show response
www.facebook.com/rsrc.php/v3/yH/r/ Frame DFF7 316 B
286 B 72ms
68ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yH/r/BBmepZypaVk.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f49588f1adda27e5a0b22dda90d9746413e06156ce473de9aac221c767af3d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 02:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: XANfx1NxREh7Zw160MuGIg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 225
x-fb-rlafr: 0
x-fb-debug: xAXlg3iZsxQRPs9i2R0Ri5yUNCd9GCmQF6cl+AffdKZm0fG1LnZ6bz1vHSf8jIvvTuJWRwAVZ2FtAFr6+aiTvQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 Jan 2023 02:38:03 GMT

GET
H3 200 UNlkdRYRzOc.js Show response
www.facebook.com/rsrc.php/v3/y5/r/ Frame DFF7 718 B
455 B 72ms
68ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/UNlkdRYRzOc.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d11f45f0547ab1865cee457d765676e17108538cfc3d9c5636f664a061579131

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 02:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ljzatsPpDWB7SXcfeSEYYA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 393
x-fb-rlafr: 0
x-fb-debug: wFuOQb69gsHwCPi8HB/IsqkEQm7GB3GbJ82JuxtkmbaM9GeGoP/GJaszBWzHHzFGJWwyKrnUp4iq8YjZJ99nQg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 Jan 2023 02:38:03 GMT

GET
H3 200 gKfzn9gGPbK.js Show response
www.facebook.com/rsrc.php/v3/yL/r/ Frame DFF7 701 B
422 B 79ms
75ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yL/r/gKfzn9gGPbK.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e8f785115f25ff0e342c3537d89dbd804dcbaecc35c6a1b0ba4b391d79eb146

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 02:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 7P7MgwQRh3QqrlSGFw6nIA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 360
x-fb-rlafr: 0
x-fb-debug: eaOC7GFokw70lHoxeYEalMcz/cDSS5ELWt69lcuxSGLWEXwm34LNN+sf95GXoKkUz1/HKAn77M1qMcFU0w7aTQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 Jan 2023 02:38:03 GMT

GET
H3 200 Afdinhtuldx.js Show response
www.facebook.com/rsrc.php/v3/yy/r/ Frame DFF7 2 KB
935 B 83ms
81ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yy/r/Afdinhtuldx.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4b19cfbf0b52bbd6d612f4591503b0fad28c8ba7b5a8a99a656ac2d90ee8f214

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 02:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: OlXnHzUq2VXQ5qvjSD1boA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 873
x-fb-rlafr: 0
x-fb-debug: R+BGMOAWtDxitWLgdErcAcc2kl7U77E4d2TK1bk4eD70tLbLwdnpl95j6EwkNM6oDqutN2I3WYZshbBNPUDy+A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 Jan 2023 02:38:03 GMT

GET
H3 200 5tkL-L-Jl6d.css
www.facebook.com/rsrc.php/v3/yL/l/0,cross/ Frame DFF7 38 KB
8 KB 83ms
82ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yL/l/0,cross/5tkL-L-Jl6d.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c7523ecb8adc8e5960ee704ff8adc9c151147788d1b9ae788583d63472026d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 16:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: o54nzSMxZRtVx4AuvfBA+g==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 7805
x-fb-rlafr: 0
x-fb-debug: 5gqnn/o9YMsI97G9SkdWiYb5PS8NW/DUSM0goGUmVHwPcrhS48bhBftSa4Q1o0nCjMGaA4EaC9Ol0W2bn+Q0QQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 10 Jan 2023 16:18:13 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 152ms
59ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hd.stheadline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 11 Jan 2022 16:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 164ms
59ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hd.stheadline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 11 Jan 2022 16:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 237 KB
39 KB 1225ms
1175ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3408627940397629&correlator=2357152137424301&output=ldjh&impl=fifs&eid=31063943%2C31064027%2C31063708%2C31063919%2C44756895&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220111&iu_parts=64888526%2Chl-home-728x90-d-1%2Chl-home-728x90-d-2%2CHL-300x456-Index%2Chl-home-300x250-dm-1%2Chl-home-300x250-dm-2%2Chl-home-1x1-dm-1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=728x90%2C728x90%2C300x456%2C300x250%2C300x250%2C1x1&cookie_enabled=1&bc=31&abxe=1&dt=1641918330339&lmt=1641918330&dlt=1641918327759&idt=2497&frm=20&biw=1600&bih=1200&oid=2&adxs=684%2C281%2C-9%2C1102%2C1102%2C188&adys=42%2C2095%2C-9%2C1109%2C1789%2C42&adks=3832951854%2C1332759824%2C3543638789%2C1983949892%2C2838680944%2C2875821670&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fhd.stheadline.com%2F&vis=1&scr_x=0&scr_y=0&psz=1224x90%7C894x90%7C0x-1%7C300x873%7C300x2543%7C1224x90&msz=728x0%7C728x90%7C0x-1%7C300x0%7C300x0%7C1x-1&ga_vid=933982744.1641918330&ga_sid=1641918330&ga_hid=1280447225&ga_fc=false&fws=0%2C4%2C2%2C4%2C4%2C0&ohw=0%2C894%2C0%2C300%2C300%2C0&btvi=0%7C1%7C-1%7C0%7C2%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

96ddf1ae826e10c7aaafb6fb3ae8c110bb5683328b050d4f45ee08d9a19f82b0

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJSIhbeOqvUCFZQI4AodIwUMiA&gqi=&layout=/sadbundle/%24csp%253Der3%24/2631481056066273280/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMyFhbeOqvUCFZQI4AodIwUMiA&gqi=&layout=/sadbundle/%24csp%253Der3%24/2631481056066273280/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJSIhbeOqvUCFZQI4AodIwUMiA&gqi=&layout=/sadbundle/%24csp%253Der3%24/2631481056066273280/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMyFhbeOqvUCFZQI4AodIwUMiA&gqi=&layout=/sadbundle/%24csp%253Der3%24/2631481056066273280/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
google-creative-id: -1,-1,-2,-1,-1,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40089
x-xss-protection: 0
google-lineitem-id: -1,-1,-2,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Tue, 11 Jan 2022 16:25:32 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hd.stheadline.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 508ms
458ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3408627940397629&correlator=2357152137424301&output=ldjh&impl=fifs&eid=31063943%2C31064027%2C31063708%2C31063919%2C44756895&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220111&iu_parts=23924972%2CTESTING-1x1-Index%2CHL-300x100-Index-RP%2CHL-300x100-Index-RP3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=1x1%2C300x100%2C300x250&cookie_enabled=1&bc=31&abxe=1&dt=1641918330363&lmt=1641918330&dlt=1641918327759&idt=2497&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C-9&adys=-9%2C-9%2C-9&adks=1185086853%2C3105818109%2C2338057783&ucis=7%7C8%7C9&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fhd.stheadline.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1&ga_vid=933982744.1641918330&ga_sid=1641918330&ga_hid=1280447225&ga_fc=false&fws=2%2C2%2C2&ohw=0%2C0%2C0&btvi=-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

25f76160731f7eb1b428da6b47cf5e090e6adced076c4435baf1cb8fd4c391c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9547
x-xss-protection: 0
google-lineitem-id: -2,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hd.stheadline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F30F 6 KB
4 KB 239ms
47ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 11 Jan 2022 16:25:31 GMT
expires: Wed, 11 Jan 2023 16:25:31 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 95ms
46ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1280447225&t=pageview&_s=1&dl=https%3A%2F%2Fhd.stheadline.com%2F&ul=en-us&de=UTF-8&dt=%E5%8D%B3%E6%99%82%20%E6%97%A5%E5%A0%B1%20%E5%B0%88%E6%AC%84%20h1.hk%20%E4%BB%BB%E7%9D%87no.1%20%7C%20%E9%A0%AD%E6%A2%9D%E6%97%A5%E5%A0%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=256256983&gjid=241503380&cid=933982744.1641918330&tid=UA-41819048-4&_gid=1173446615.1641918331&_r=1&gtm=2wg150T3HQTH7&z=1034116977

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hd.stheadline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 16:25:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hd.stheadline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 10000000_348132680145841_6074812219826263305_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 11 KB
11 KB 28ms
14ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_348132680145841_6074812219826263305_n.mp4?_nc_cat=109&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9xZF90cmltbWVkX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=scJT5NP_TUoAX_xodQp&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT_6nGiDQSRLsvqg5XRP-FdO7qxIm_BhAUI_I2iZ3N44Kg&oe=61DDD806&bytestart=927&byteend=12298
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/cKWAtuxHlF_.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b469af5464d49fdbf6b48594f02c90e102c7925aa8afbf8bad80b573348d107f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:31 GMT
last-modified: Tue, 11 Jan 2022 09:35:12 GMT
content-length: 11372
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
priority: u=3,i

GET
H3 200 10000000_296264852334060_6486273255829103295_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 11 KB
11 KB 27ms
14ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_296264852334060_6486273255829103295_n.mp4?_nc_cat=109&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9sZF90cmltbWVkX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=4N4ZKFw1x7AAX_pdwQY&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT94kB7t2gYlbK084T0Eug6WJajjjS3-BJTK-jT18DER5Q&oe=61DDD3E1&bytestart=932&byteend=12303
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/cKWAtuxHlF_.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 450a1035407bb96121aa11f7bca0c12294dc271e78cbade9d0052b551a7eede5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:31 GMT
last-modified: Tue, 11 Jan 2022 09:35:12 GMT
content-length: 11372
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
priority: u=3,i

GET
H3 200 10000000_1019914138559613_1733575853277353940_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 11 KB
11 KB 23ms
14ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_1019914138559613_1733575853277353940_n.mp4?_nc_cat=111&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9oZF90cmltbWVkX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=aSu8CqwN8I0AX8bZG8U&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT_SUilSyeb98prcfrd7KBNbpX5iYjPWweWpP11YHsRyJA&oe=61DDCD39&bytestart=932&byteend=12303
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/cKWAtuxHlF_.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 5d0db06f271f9019c66fdbf7c0b1675aa7ba41bd5a8e17a434e4300da8ecd28c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:31 GMT
last-modified: Tue, 11 Jan 2022 09:35:13 GMT
content-length: 11372
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
priority: u=3,i

GET
H3 200 10000000_1564591087247552_8499114858570597954_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 11 KB
11 KB 19ms
13ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_1564591087247552_8499114858570597954_n.mp4?_nc_cat=1&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9oZDFfdHJpbW1lZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=NBsEh4XqARoAX9Q6vsh&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT9Ouv_gkqm0rdCOg-7gTh8LeIEadoat5t8rei9n2QU52Q&oe=61DDD9A7&bytestart=928&byteend=12299
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/cKWAtuxHlF_.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 74b577ae32c1a81cd3b0619e463a1f90978af4489c6978a735d0a19f6059ce2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:31 GMT
last-modified: Tue, 11 Jan 2022 09:35:15 GMT
content-length: 11372
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
priority: u=3,i

GET
H3 200 10000000_141607838292060_4815298746618378746_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 46 KB
46 KB 17ms
16ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_141607838292060_4815298746618378746_n.mp4?_nc_cat=100&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF90cmltbWVkX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=yrj2EiuT3fkAX-9s_fy&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT_p7NmJI06BP6-ZSRMC_aSf-4lT7ugUPHfplEZxq0k6Jg&oe=61DDCC16&bytestart=53960&byteend=101020
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/cKWAtuxHlF_.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 17633a7984c3ff0589c32e2241a8d78f236db451f878dc5a638efd220d262a1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:31 GMT
last-modified: Tue, 11 Jan 2022 09:35:12 GMT
content-length: 47061
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
priority: u=3,i

GET
H3 200 10000000_668004417721209_7149902939002655879_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 80 KB
80 KB 20ms
12ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_668004417721209_7149902939002655879_n.mp4?_nc_cat=1&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF90cmltbWVkX2ZyYWdfMl9hdWRpbyJ9&_nc_ohc=-MBCdEZXRgUAX-A7e_G&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT8U3SYrcw_XrA_Dd2GTYjPXtOfUbvAVLDCP0eAhlJ28rw&oe=61DDD082&bytestart=28265&byteend=110512
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/cKWAtuxHlF_.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 158f2be36a23f72c07c1ee9c9bdd2f69063d097c84ab78b69dc10c6a302c98bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:31 GMT
last-modified: Tue, 11 Jan 2022 09:35:11 GMT
content-length: 82248
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
priority: u=3,i

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 325ms
18ms XHR
text/plain 2a00:1450:400c:c02::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-41819048-4&cid=933982744.1641918330&jid=256256983&gjid=241503380&_gid=1173446615.1641918331&_u=YAhAAEAAAAAAAC~&z=1925241575

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hd.stheadline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 11 Jan 2022 16:25:31 GMT
content-type: text/plain
access-control-allow-origin: https://hd.stheadline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/video/unified_cvc/ Frame DFF7 263 B
254 B 39ms
39ms XHR
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/video/unified_cvc/

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3irVO4/yY/l/de_DE/VljknB91j2C.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1ac872b509cdba37add6720f52f34c42c119a97e2ed3d4583a0bad1bdaa5016f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: I3fk5CFcfHM4ah1u0qg81U
Referer: https://www.facebook.com/plugins/video.php?height=314&autoplay=1&mute=1&href=https%3A%2F%2Fwww.facebook.com%2Fheadlinehk%2Fvideos%2F624329848681576%2F&show_text=false&width=560&t=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: bmfxE23VkRAi9QSn6VqKi44MbXW9KQBvNwvaPsQKj3a95wKtkGVG0l5IS3C4ruBqY0jeZsS5K9NeYeM8ShmuJg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 11 Jan 2022 16:25:31 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 10000000_1564591087247552_8499114858570597954_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 928 B
976 B 13ms
13ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_1564591087247552_8499114858570597954_n.mp4?_nc_cat=1&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9oZDFfdHJpbW1lZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=NBsEh4XqARoAX9Q6vsh&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT9Ouv_gkqm0rdCOg-7gTh8LeIEadoat5t8rei9n2QU52Q&oe=61DDD9A7&bytestart=0&byteend=927
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/cKWAtuxHlF_.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f449fa65da363c636a0dc7c89c935f9d8556f0c02e2398212f244256c2daef27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:31 GMT
last-modified: Tue, 11 Jan 2022 09:35:15 GMT
content-length: 928
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
priority: u=3,i

GET
H3 200 10000000_1564591087247552_8499114858570597954_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 148 KB
148 KB 13ms
12ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_1564591087247552_8499114858570597954_n.mp4?_nc_cat=1&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9oZDFfdHJpbW1lZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=NBsEh4XqARoAX9Q6vsh&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT9Ouv_gkqm0rdCOg-7gTh8LeIEadoat5t8rei9n2QU52Q&oe=61DDD9A7&bytestart=288328&byteend=439898
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/cKWAtuxHlF_.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e948a8076142147c982672fef0f54bfad180b264b0431bd53819358e79051704

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:31 GMT
last-modified: Tue, 11 Jan 2022 09:35:15 GMT
content-length: 151571
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
priority: u=3,i

GET
H3 200 10000000_668004417721209_7149902939002655879_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 95 KB
95 KB 13ms
13ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_668004417721209_7149902939002655879_n.mp4?_nc_cat=1&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF90cmltbWVkX2ZyYWdfMl9hdWRpbyJ9&_nc_ohc=-MBCdEZXRgUAX-A7e_G&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT8U3SYrcw_XrA_Dd2GTYjPXtOfUbvAVLDCP0eAhlJ28rw&oe=61DDD082&bytestart=110513&byteend=208231
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/cKWAtuxHlF_.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 32039c2d385cc4ca5804c9467016e67e2c14c2da3a88ba2e7043d87905ac7034

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:31 GMT
last-modified: Tue, 11 Jan 2022 09:35:11 GMT
content-length: 97719
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
priority: u=3,i

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 216ms
65ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41819048-4&cid=933982744.1641918330&jid=256256983&_u=YAhAAEAAAAAAAC~&z=1750731305

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 16:25:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 214ms
63ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41819048-4&cid=933982744.1641918330&jid=256256983&_u=YAhAAEAAAAAAAC~&z=1750731305

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 16:25:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 10000000_1564591087247552_8499114858570597954_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 486 KB
486 KB 25ms
24ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_1564591087247552_8499114858570597954_n.mp4?_nc_cat=1&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9oZDFfdHJpbW1lZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=NBsEh4XqARoAX9Q6vsh&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT9Ouv_gkqm0rdCOg-7gTh8LeIEadoat5t8rei9n2QU52Q&oe=61DDD9A7&bytestart=439899&byteend=937613
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/cKWAtuxHlF_.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 7644fc937bca4bcf108d4cf10b8aee92a76a8a0af6e6c74a0be28d26f3639766

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:31 GMT
last-modified: Tue, 11 Jan 2022 09:35:15 GMT
content-length: 497715
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
priority: u=3,i

GET
H3 200 10000000_1564591087247552_8499114858570597954_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 550 KB
550 KB 16ms
15ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_1564591087247552_8499114858570597954_n.mp4?_nc_cat=1&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9oZDFfdHJpbW1lZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=NBsEh4XqARoAX9Q6vsh&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT9Ouv_gkqm0rdCOg-7gTh8LeIEadoat5t8rei9n2QU52Q&oe=61DDD9A7&bytestart=937614&byteend=1500548
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/cKWAtuxHlF_.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: c8bdea55d2a6eac001922a61dabc2dfae7ddbef1a3de2c786996aa2b13f3e6d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:32 GMT
last-modified: Tue, 11 Jan 2022 09:35:15 GMT
content-length: 562935
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
priority: u=3,i

GET
H/1.1 206
Partial Content sthl_superapp_housead.mp4
vod6.hkheadline.com/hkheadline/instant_video/2022/0103/ 69 KB
69 KB 201ms
200ms Media
video/mp4 203.80.0.196
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vod6.hkheadline.com/hkheadline/instant_video/2022/0103/sthl_superapp_housead.mp4
Requested by: Host: hd.stheadline.com
URL: https://hd.stheadline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 203.80.0.196 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),
Reverse DNS
Software: nginx /
Resource Hash: ea883d10d3ba1069465790ef750c18dd9559bfe9533d006b18f7208d803fc5c9

Request headers

Referer: https://hd.stheadline.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=6979584-

Response headers

Date: Tue, 11 Jan 2022 16:25:32 GMT
Last-Modified: Thu, 30 Dec 2021 04:29:05 GMT
Server: nginx
ETag: "61cd3591-6b9273"
Content-Type: video/mp4
Content-Range: bytes 6979584-7049842/7049843
Connection: keep-alive
Content-Length: 70259

GET
H3 200 container.html Show response
94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5E16 6 KB
3 KB 93ms
42ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Jan 2022 16:25:31 GMT
expires: Wed, 11 Jan 2023 16:25:31 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3591 6 KB
3 KB 87ms
43ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Jan 2022 16:25:31 GMT
expires: Wed, 11 Jan 2023 16:25:31 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame D34B 189 KB
55 KB 183ms
43ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 99479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Mon, 10 Jan 2022 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Jan 2023 12:47:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D34B 13 KB
5 KB 290ms
152ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 99479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 10 Jan 2022 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Jan 2023 12:47:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D34B 89 KB
28 KB 292ms
154ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 99479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Mon, 10 Jan 2022 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Jan 2023 12:47:33 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D34B 5 KB
2 KB 302ms
164ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 99479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Mon, 10 Jan 2022 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Jan 2023 12:47:33 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D34B 40 KB
13 KB 302ms
165ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 99479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Mon, 10 Jan 2022 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0f988502fa2967b0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Jan 2023 12:47:33 GMT

GET
DATA 200
OK truncated
/ Frame D34B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 513c0be0f69c7f1625c845cd911d3a2e7eb1203c17e65278ff5b8b920072f399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame 3A84 189 KB
54 KB 218ms
95ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 99479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Mon, 10 Jan 2022 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Jan 2023 12:47:33 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 3A84 13 KB
5 KB 190ms
97ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 99479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 10 Jan 2022 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Jan 2023 12:47:33 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 3A84 89 KB
28 KB 180ms
88ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 99479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Mon, 10 Jan 2022 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Jan 2023 12:47:33 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 3A84 5 KB
2 KB 191ms
98ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 99479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Mon, 10 Jan 2022 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Jan 2023 12:47:33 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 3A84 40 KB
13 KB 200ms
103ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 99479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Mon, 10 Jan 2022 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0f988502fa2967b0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Jan 2023 12:47:33 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/13074512497017290948/ Frame 3A84 45 KB
46 KB 951ms
613ms Image
image/jpeg 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13074512497017290948/2076313506083323656

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20b1c7ebfd8744af0ab794f09ee6f06bd0ff753e8a9d1b9ab5096053f11d30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 13:49:24 GMT
x-content-type-options: nosniff
age: 354969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46557
x-xss-protection: 0
last-modified: Thu, 09 Sep 2021 23:50:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Jan 2023 13:49:24 GMT

GET
DATA 200
OK truncated
/ Frame 3A84 215 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8f6e94fcf43c4de739a29673ac26d9d7e29aa0e7227af066ccbab5cf4cf8ad2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3A84 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ff9575cea341dc85b3b2faf5341433ee4b474feb3751dd82cbe62d57cbd54d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 73399599488284079
tpc.googlesyndication.com/simgad/ Frame D34B 99 KB
99 KB 803ms
430ms Image
image/gif 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/73399599488284079

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a33fb09c564f7c2c93c4751d27814fea3097ea24cb59e7f81f557d1fefc91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 10:19:53 GMT
x-content-type-options: nosniff
age: 367539
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101539
x-xss-protection: 0
last-modified: Fri, 06 Sep 2019 13:32:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Jan 2023 10:19:53 GMT

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D34B 3 KB
3 KB 699ms
327ms Image
image/png 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 10 Jan 2022 17:53:31 GMT
x-content-type-options: nosniff
server: cafe
age: 81121
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Tue, 11 Jan 2022 17:53:31 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D34B 344 B
807 B 502ms
130ms Image
image/png 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 10 Jan 2022 17:44:29 GMT
x-content-type-options: nosniff
server: cafe
age: 81663
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 11 Jan 2022 17:44:29 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D34B 0
0 106ms
99ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMyObe6_dYdbjCpSRgAejirDACJLw0_Fl5Pu1mowK9ejav80BEAEggv2DDmCV4pCCoAegAcLR65kDyAEDqQLGaKY7twGzPuACAKgDAcgDCKoE7QFP0LJHoSns4M25cI53ahKmKgZYeOtKi8LKq5bkJbKuSJrPno4zrJ22ZHN9J5JsM2plEZ-bqnNliCQIwMtxNV7lY9JvWoH3Lol3_WcIQgDNCnCiYBKcYsfRMZAfCfQ9NDVnHPeOdM1dFjhsrChWtptCJycOZXVohtc8ZrBtmwttpI8HoorUdi-hmbymXMqL2iyT37NsLXcNbbIUkQ2s4l-l23ucBB-HNFpGgFgd2P1XrqPrpa78CxWu4lP3Y9H8J7UpkGmGuefW8e9lKn-yUqBOcCkmQrBTKlOwCnkBkVR0BoJagT6knj709VgCtdjABNuv993xAeAEAZIFBAgEGAGSBQQIBRgEoAYDgAemrpRmqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQv-oI0ggJCIDhgHAQARgdgAoByAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTg5NjEyOTc2Nzc5Nzc0MTMYro0i&sigh=SHYaGMoEPZk&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: hd.stheadline.com
URL: https://hd.stheadline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3A84 3 KB
3 KB 763ms
425ms Image
image/png 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 10 Jan 2022 17:53:31 GMT
x-content-type-options: nosniff
server: cafe
age: 81121
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Tue, 11 Jan 2022 17:53:31 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3A84 344 B
402 B 468ms
130ms Image
image/png 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 10 Jan 2022 17:44:29 GMT
x-content-type-options: nosniff
server: cafe
age: 81663
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 11 Jan 2022 17:44:29 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3A84 0
0 90ms
89ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cox82e6_dYcf0CpSRgAejirDACPDJsYRnnZ7VtsEOuLaWmEMQASCEzpoyYJXikIKgB6AB9-K2kQHIAQmpAkhxfMSbDoU-4AIAqAMByAMKqgTxAU_QdaNi1bwFmgK6sBaaztWbcL_tn6srDl0C1XGs5Q1tQp4vbkDJwempE6S6gx59Tzcu5h7h1vecSTFipl8k3evAzzo73gO0xDdOSPWJBWRFiqGaMYefqhsgRqD0GqxhY27eT_r7k7bnZtV_4G8v8QDcpc7zpNuEVd9kj4tMOH0E_jL8etIfFyyLXfaT5-r0o4AEi1OMSvtj_mnbWwiC0pCAYHUHg-eOjLUI0f6gt6Ou34hVov6sVNyaHldCUvGgme10MmfXzzkJX2P3AqKCDcppkF3BxYwsq0f1VJwNY08dCgAKrKc-SKdvoJXQ_5Wh-EPABP7PtfznA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfxnMnuAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEPSMBdIICQiA4YBwEAEYHYAKA8gLAdgTDYgUAtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zNjM1OTk2MTA1OTgzNDQ0GK6NIg&sigh=hKDQbFY0WzQ&uach_m=[UACH]&template_id=484&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: hd.stheadline.com
URL: https://hd.stheadline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame E990 198 KB
25 KB 395ms
153ms Document
text/html 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdfe3a2b1cfc249d20f20867371282841afa1757342ed25421e4c3e0f449c581

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
date: Fri, 07 Jan 2022 12:28:01 GMT
expires: Sat, 07 Jan 2023 12:28:01 GMT
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 24421
age: 359851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5E16 0
0 111ms
110ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVz3He6_dYYzcCpSRgAejirDACNi3m8tnxIPVxvEO3NkeEAEggv2DDmCV4pCCoAegAYqlj5kDyAEJqQLGaKY7twGzPuACAKgDAcgDAqoE6QFP0AFXAmCJXliJSHGirlb76FsrY8PWdy-R53nOrJIQzMuGHVM2pUDgEmjB_9icsdZjPU_ZV-osNN4TJQe2gCgSuOKHd78LA_j6oW4_PQ_1FjSPIthghZCTw0NwBWd_D-KN5LvM0LNQGGLAZUTrBTbkGRSNhYvgZUBYJkVAAP1a8c5SgpQ7Z92dpQ26ImgHg_wOk8Q3mSvypWke0NYO6-wZ7ATmDfXOptHtd5_emiSLBLYVfJyUR_JtSBdL3yZ7F-99F15MW4fnwDKUgtmo_0E_AZmEDVuRqCC0bmclKjww2aa7JyoczfIUKsAE3Nr-tf4C4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBl2AB97a8GaoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBD6lwXSCAkIgOGAcBABGB2ACgHICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItODk2MTI5NzY3Nzk3NzQxMxiujSI&sigh=aJPVXjzRZRs&uach_m=[UACH]
Requested by: Host: hd.stheadline.com
URL: https://hd.stheadline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6163 143 B
426 B 494ms
128ms Document
text/html 2a00:1450:4019:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:809::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 11 Jan 2022 15:34:59 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3034
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/ Frame 5E16 2 KB
1 KB 829ms
603ms Script
text/javascript 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/window_focus_fy2019.js

Requested by

Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Jan 2022 16:21:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E16 120 KB
37 KB 118ms
68ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fafe7818a41c059503c456f7c05b733a3334e9e0ed4241cc9189600b9ae687e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641817384012296"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Jan 2022 16:25:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/ Frame 5E16 15 KB
6 KB 356ms
131ms Script
text/javascript 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d847a2b472bb4f98a901aecde2461eba0d47978d1ee4c0e386e3ee299e8ed96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:20:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 10427043382315408254
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Jan 2022 16:20:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5E16 0
0 106ms
55ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5lp54NgLwRFL5KtFnkzXoYuBHL82lxVVGEfYiKyhDXnjd6w0J71vsMwr05g-FU-Uu3i-s
Requested by: Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 6198 198 KB
24 KB 540ms
343ms Document
text/html 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdfe3a2b1cfc249d20f20867371282841afa1757342ed25421e4c3e0f449c581

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
date: Fri, 07 Jan 2022 12:28:01 GMT
expires: Sat, 07 Jan 2023 12:28:01 GMT
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 24421
age: 359851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3591 0
0 89ms
88ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cbqyfe6_dYdTeCpSRgAejirDACNi3m8tnxIPVxvEO3NkeEAEggv2DDmCV4pCCoAegAYqlj5kDyAEJqQLGaKY7twGzPuACAKgDAcgDAqoE7AFP0JxSqqkjSx_KCh-tmghcaBMVHld-8fiBF8pSBW4OaN-Oq8DHhlIwFbT3wQ6yjTbeEGrS0v5vK5FveD7tfT9gV4vxSpZEIR0Uil8_-SyGsw7hbbTPLEGm3svTwXgp5r5ZxRpwADiHv5DRQU4YtHTAVd0xlEewKrjzd7ShV6sTRRBUxPkVW0in9qdYddNxFw3yveJjo2c_r_ilKt4JQUz1LGpcLon_-d0bHPL6m87DYUWPx5kMRxmEmjE4XXapkbYgMU6sicOf0y1zRqQmLipUVmFT6SsuOeJhib0dO8qWJBrxal5p-JKrSs-PN8AE3Nr-tf4C4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBl2AB97a8GaoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDu0QTSCAkIgOGAcBABGB2ACgHICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItODk2MTI5NzY3Nzk3NzQxMxiujSI&sigh=vDAqA6_olE4&uach_m=[UACH]
Requested by: Host: hd.stheadline.com
URL: https://hd.stheadline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9F27 143 B
198 B 461ms
128ms Document
text/html 2a00:1450:4019:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:809::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 11 Jan 2022 15:34:59 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3034
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/ Frame 3591 2 KB
1 KB 794ms
602ms Script
text/javascript 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/window_focus_fy2019.js

Requested by

Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Jan 2022 16:21:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3591 120 KB
37 KB 111ms
97ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fafe7818a41c059503c456f7c05b733a3334e9e0ed4241cc9189600b9ae687e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641817384012296"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Jan 2022 16:25:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/ Frame 3591 15 KB
6 KB 784ms
594ms Script
text/javascript 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d847a2b472bb4f98a901aecde2461eba0d47978d1ee4c0e386e3ee299e8ed96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:20:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 10427043382315408254
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Jan 2022 16:20:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3591 0
0 70ms
53ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRIXdWnXMnbEn7KJQ61U8-UMFtPyOFEvZonkHNqdhc2qh7mlywhORIGGqaW2bXl_UVX5hgD
Requested by: Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D34B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

477ms
365ms

Image
text/html

2a00:1450:4019:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: hd.stheadline.com
URL: https://hd.stheadline.com/
Protocol: H2
Server: 2a00:1450:4019:809::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date: Tue, 11 Jan 2022 16:25:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D34B 3 KB
3 KB 541ms
531ms Image
image/png 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 10 Jan 2022 17:53:31 GMT
x-content-type-options: nosniff
server: cafe
age: 81122
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Tue, 11 Jan 2022 17:53:31 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D34B 344 B
402 B 545ms
535ms Image
image/png 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 10 Jan 2022 17:44:29 GMT
x-content-type-options: nosniff
server: cafe
age: 81664
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 11 Jan 2022 17:44:29 GMT

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3A84 3 KB
3 KB 586ms
586ms Image
image/png 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 10 Jan 2022 17:53:31 GMT
x-content-type-options: nosniff
server: cafe
age: 81122
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Tue, 11 Jan 2022 17:53:31 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3A84 344 B
407 B 588ms
588ms Image
image/png 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 10 Jan 2022 17:44:29 GMT
x-content-type-options: nosniff
server: cafe
age: 81664
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 11 Jan 2022 17:44:29 GMT

GET
H/1.1 206
Partial Content sthl_superapp_housead.mp4
vod6.hkheadline.com/hkheadline/instant_video/2022/0103/ 4 MB
0 198ms
198ms Media
video/mp4 203.80.0.196
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vod6.hkheadline.com/hkheadline/instant_video/2022/0103/sthl_superapp_housead.mp4
Requested by: Host: hd.stheadline.com
URL: https://hd.stheadline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 203.80.0.196 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://hd.stheadline.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=32768-

Response headers

Date: Tue, 11 Jan 2022 16:25:33 GMT
Last-Modified: Thu, 30 Dec 2021 04:29:05 GMT
Server: nginx
ETag: "61cd3591-6b9273"
Content-Type: video/mp4
Content-Range: bytes 32768-7049842/7049843
Connection: keep-alive
Content-Length: 7017075

GET
DATA 200
OK truncated
/ Frame 5E16 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 885c8ed798df0e03d851e0f9c5a6b8d3d4a9e543c3e83cffc3f9a7a579a76ca0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E990 16 KB
6 KB 437ms
189ms Script
text/javascript 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 12 Jan 2022 15:44:13 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E990 26 KB
10 KB 375ms
129ms Script
text/javascript 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:34:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78650
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 11 Jan 2022 18:34:43 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6163
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

581ms
336ms

Document
text/html

2a00:1450:4019:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:809::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Jan 2022 16:25:33 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 11 Jan 2022 16:25:33 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Jan 2022 16:25:33 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9F27
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

1094ms
893ms

Document
text/html

2a00:1450:4019:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:809::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Jan 2022 16:25:34 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 11 Jan 2022 16:25:34 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Jan 2022 16:25:33 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6198 16 KB
6 KB 389ms
206ms Script
text/javascript 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 12 Jan 2022 15:44:13 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6198 26 KB
10 KB 339ms
157ms Script
text/javascript 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:34:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78650
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 11 Jan 2022 18:34:43 GMT

GET
DATA 200
OK truncated
/ 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 46ms
46ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1280447225&t=event&ni=0&_s=1&dl=https%3A%2F%2Fhd.stheadline.com%2F&ul=en-us&de=UTF-8&dt=%E5%8D%B3%E6%99%82%20%E6%97%A5%E5%A0%B1%20%E5%B0%88%E6%AC%84%20h1.hk%20%E4%BB%BB%E7%9D%87no.1%20%7C%20%E9%A0%AD%E6%A2%9D%E6%97%A5%E5%A0%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=HTML5%20Video&ea=Played%20video&el=%E4%BF%A1%E7%94%A8%E6%AC%BA%E8%A9%90%E5%B8%AB%EF%BD%9C%E6%B1%9F%E5%8F%A3%E6%B4%8B%E4%BB%8B%E5%8A%A0%E6%88%B2%E6%BC%94%E3%80%8A%E4%BF%A1%E7%94%A8%E6%AC%BA%E8%A9%90%E5%B8%AB3%E3%80%8B%20%E9%95%B7%E6%BE%A4%E5%87%BA%E5%A0%B4%E9%87%8D%E6%BC%94%E6%92%92%E9%8C%A2%E7%B6%93%E5%85%B8%E5%A0%B4%E9%9D%A2&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=933982744.1641918330&tid=UA-41819048-4&_gid=1173446615.1641918331&gtm=2wg150T3HQTH7&z=1439700335

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 07:56:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 30556
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3591 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29557ef336e8acc0c32f988b861ac4b1afe1b92c8d58503df0a85f24390037c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 getLoginStatusApi.php Show response
hd.stheadline.com/ajax/ 112 B
449 B 1134ms
1132ms XHR
text/html 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://hd.stheadline.com/ajax/getLoginStatusApi.php

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/g/jquery@1.12.4,bootstrap@3.3.7,perfect-scrollbar@0.6.14(js/perfect-scrollbar.jquery.min.js),sweetalert2@5.3.5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

b82b70e8fb6162477bfa925fb2bb2aa6ac05fcc35cceb9daf9ca9ec3a2bc6ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://hd.stheadline.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/html; charset=UTF-8
server: Tengine
x-frame-options: SAMEORIGIN
p3p: CP=This is not a P3P policy! See http://hd.stheadline.com/privacy.php for more info.
via: cache7.l2de2[994,0], cache1.de3[998,0]
x-xss-protection: 1; mode=block
cache-control: no-cache no-store must-revalidate max-age=0, max-age=300
timing-allow-origin: *
vary: Accept-Encoding
content-length: 108
eagleid: 4f85b19516419183338095137e

GET
H/1.1 200
OK update_hitrate.php Show response
stat.stheadline.com/video/ 2 B
558 B 1066ms
204ms XHR
text/html 203.80.1.166
UNSPECIFIED Sing ...

General

Check archive.org

Show headers Download Go to

Full URL

https://stat.stheadline.com/video/update_hitrate.php?n=hl&m=s&t=w&l=index&u=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F97.0.4692.71%2520Safari%252F537.36&id=110210&c=f&type=pop

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/g/jquery@1.12.4,bootstrap@3.3.7,perfect-scrollbar@0.6.14(js/perfect-scrollbar.jquery.min.js),sweetalert2@5.3.5

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

203.80.1.166 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),

Reverse DNS

Software

Resource Hash

843ac01149cced785dfebd0028d3b03ba78e286e1c6f9517ebfcdb609d97af4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://hd.stheadline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 16:25:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Render-Time: 0.004
X-UA-Device: desktop
X-Cnection: close
Connection: Keep-Alive
Content-Length: 26
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge, chrome=1
Pragma: no-cache
Vary: Accept, Accept-Encoding, X-UA-Device
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Robots-Tag: noindex, noarchive, nofollow
Expires: Tue, 11 Jan 2022 16:25:34 GMT

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54

Request headers

Referer
Origin: https://hd.stheadline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 p
sb.scorecardresearch.com/ 64 B
444 B 75ms
75ms Image
image/gif 13.33.240.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=9053246&ns_site=news&ns_vsite=headline&ns_type=hidden&ns_st_sv=4.1311.28&ns_st_it=c&ns_st_id=1641918333050_1&ns_st_ec=1&ns_st_sp=1&ns_st_sq=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=0&ns_st_pb=1&ns_st_mp=streamsense&ns_st_mv=4.1311.28&ns_st_pn=1&ns_st_tp=1&ns_st_ci=110210&ns_ts=1641918333051&ns_st_bt=0&ns_st_bp=0&ns_st_br=0&ns_st_ub=0&ns_st_ep=%E4%BF%A1%E7%94%A8%E6%AC%BA%E8%A9%90%E5%B8%AB%EF%BD%9C%E6%B1%9F%E5%8F%A3%E6%B4%8B%E4%BB%8B%E5%8A%A0%E6%88%B2%E6%BC%94%E3%80%8A%E4%BF%A1%E7%94%A8%E6%AC%BA%E8%A9%90%E5%B8%AB3%E3%80%8B%20%E9%95%B7%E6%BE%A4%E5%87%BA%E5%A0%B4%E9%87%8D%E6%BC%94%E6%92%92%E9%8C%A2%E7%B6%93%E5%85%B8%E5%A0%B4%E9%9D%A2&ns_st_ge=*null&ns_st_ct=vc11&c7=https%3A%2F%2Fhd.stheadline.com%2F&c8=%E5%8D%B3%E6%99%82%20%E6%97%A5%E5%A0%B1%20%E5%B0%88%E6%AC%84%20h1.hk%20%E4%BB%BB%E7%9D%87no.1%20%7C%20%E9%A0%AD%E6%A2%9D%E6%97%A5%E5%A0%B1&c9=&nscustom_category=f&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null&c3=popnews
Requested by: Host: hd.stheadline.com
URL: https://hd.stheadline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.240.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-240-11.hel50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:33 GMT
via: 1.1 2927b5fd4ddd05be6a9ce18058f195ee.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 6NrGX-4nxtarU2x8QNhvNfJkwI1g4cRhcgSdGBCOFThl2e3MgUT_7A==

GET
H3

200

/
www.facebook.com/login/ Frame EC5A
Redirect Chain

https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30208585...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D978368502211772%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

99ms
99ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D978368502211772%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df302085856d4144%2526domain%253Dhd.stheadline.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhd.stheadline.com%25252Ff3243eabebb95b%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fheadlinehk%26locale%3Dzh_HK%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D298

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/all.js?hash=b38d31f3e329740ccc502450c6989f06

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: nPHHF/UwgsW7ARTimNDS0AQOtZq3FvNpdHApPNG8rgkrMDZQyQ/DEP3vLYG6BaqJmhU4a6v5iBOa6Lbm4mFLbg==
date: Tue, 11 Jan 2022 16:25:33 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D978368502211772%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df302085856d4144%2526domain%253Dhd.stheadline.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhd.stheadline.com%25252Ff3243eabebb95b%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fheadlinehk%26locale%3Dzh_HK%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D298
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: UA5NgyHqSB2h5c2kDePjDm09g9feiIRh2XC7WUCimYD+Qd6k5XMlfSPXRXW3IkiIjHR9rn89uB1kzj6lHcHFZA==
content-length: 0
date: Tue, 11 Jan 2022 16:25:33 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3 200 gluehbirne.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame E990 858 B
466 B 137ms
134ms Image
image/svg+xml 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/gluehbirne.svg

Requested by

Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcb8f4cac9358e0d78bca726b0c89dc1df284ce67cd078028f24008e184493e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 359849
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 436
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Fri, 07 Jan 2022 12:28:04 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Jan 2023 12:28:04 GMT

GET
H3 200 strahlen.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame E990 879 B
382 B 141ms
137ms Image
image/svg+xml 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/strahlen.svg

Requested by

Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a647ffb391ee312ecaf646b14d0b60a004c8b60e17870ac28facc319b53955f2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 359849
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 352
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Fri, 07 Jan 2022 12:28:04 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Jan 2023 12:28:04 GMT

GET
H3 200 vid1_728x90.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame E990 6 KB
6 KB 137ms
133ms Image
image/jpeg 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/vid1_728x90.jpg

Requested by

Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe3a45122ffb45cdfaf3c9147f0e5407be5a08151b1025fb7eae18f1216da491

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 285350
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6102
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Sat, 08 Jan 2022 09:09:43 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Jan 2023 09:09:43 GMT

GET
H3 200 vid9_728x90.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame E990 7 KB
7 KB 141ms
137ms Image
image/jpeg 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/vid9_728x90.jpg

Requested by

Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a83e4bb2a98df95ee3291e06a76024c79b62aeb2b2c111d34cc84c5af241d0e4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 285350
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6997
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Sat, 08 Jan 2022 09:09:43 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Jan 2023 09:09:43 GMT

GET
H3 200 Wie_das_geht_erfahren_Sie_hier_728x90.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame E990 2 KB
2 KB 160ms
156ms Image
image/jpeg 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/Wie_das_geht_erfahren_Sie_hier_728x90.jpg

Requested by

Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df69871d426374758b8981768ef3caa480fb966e1f70e7015051837c005478af

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 285350
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1717
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Sat, 08 Jan 2022 09:09:43 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Jan 2023 09:09:43 GMT

GET
H3 200 Smarte_Beleuchtung_fu_r_Ihr_Zuhause_728x90.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame E990 3 KB
3 KB 173ms
169ms Image
image/jpeg 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/Smarte_Beleuchtung_fu_r_Ihr_Zuhause_728x90.jpg

Requested by

Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d595f2f2c4d32eeb822be8337ae5c2bc4302a7f6b32bbc4b29d4c5b86472eb20

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 285350
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2857
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Sat, 08 Jan 2022 09:09:43 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Jan 2023 09:09:43 GMT

GET
H3 200 Gemu_tliches_Licht.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame E990 3 KB
3 KB 166ms
163ms Image
image/jpeg 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/Gemu_tliches_Licht.jpg

Requested by

Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9552747080259280658a7ca63697792ac23f9eddc1b852af3851fb010469d659

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 358919
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2769
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Fri, 07 Jan 2022 12:43:34 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Jan 2023 12:43:34 GMT

GET
H3 200 Ganz_einfach.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame E990 2 KB
2 KB 171ms
168ms Image
image/jpeg 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/Ganz_einfach.jpg

Requested by

Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36317007a5b2a5523c31e36eee382593cf4f2a5b49923f896228c1e6eaa0f7f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 376517
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2077
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Fri, 07 Jan 2022 07:50:16 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Jan 2023 07:50:16 GMT

GET
H3 200 square.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame E990 9 KB
9 KB 182ms
178ms Image
image/png 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/square.png

Requested by

Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa0cd9475282911c184f564385b0b610767109ae4bca64c914af0cbeb722bb4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 376517
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9006
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Fri, 07 Jan 2022 07:50:16 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Jan 2023 07:50:16 GMT

GET
H3 200 homematic.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame E990 3 KB
3 KB 209ms
205ms Image
image/png 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/homematic.png

Requested by

Host: 94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
URL: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91035c1fe5b437bc3887fe3c741f18a2135902bff05eadc228d77eead13b7036

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 376517
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2904
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Fri, 07 Jan 2022 07:50:16 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Jan 2023 07:50:16 GMT

GET
H2 206 a7808667c80744be90ac8a63ba251f94-17182c36024157950297d68431b52f04-ld.mp4
video.hkhl.hk/302f456318474f7fbfcace60faf3ba59/ 3 MB
0 427ms
27ms Media
video/mp4 79.133.177.227
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://video.hkhl.hk/302f456318474f7fbfcace60faf3ba59/a7808667c80744be90ac8a63ba251f94-17182c36024157950297d68431b52f04-ld.mp4
Requested by: Host: hd.stheadline.com
URL: https://hd.stheadline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.133.177.227 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Referer: https://hd.stheadline.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 11 Jan 2022 16:25:34 GMT
via: cache5.l2de2[0,0,304-0,H], cache4.l2de2[1,0], cache13.de3[0,0,206-0,H], cache1.de3[2,0]
x-oss-request-id: 61DDAD44637FD2393126A489
age: 570
x-cache: HIT TCP_MEM_HIT dirn:13:54255972 mlen:0
Content-Range: bytes 0-5307708/5307709
x-oss-cdn-auth: success
x-swift-cachetime: 925
x-swift-savetime: Tue, 11 Jan 2022 16:24:19 GMT
Content-Length: 5307709
x-oss-object-type: Normal
last-modified: Tue, 11 Jan 2022 13:50:04 GMT
server: Tengine
etag: "17182C36024157950297D68431B52F04"
ali-swift-global-savetime: 1641917764
content-type: video/mp4
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 16559999663176107523
eagleid: 4f85b19516419183342716176e
x-oss-server-time: 18

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5E16 42 B
497 B 180ms
80ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstft-IbXeqo56G1wB428KDtzuHhMEMoomC7O2AHic-xd2U1CiiE1-EKoF9Rdyom2WBS5o2C6rLxoSdaT4YuPdbhV3A-i--2joJ_ORc7Cgzww0a_VoLk_JftewNPZyqHWNLMGe_usX7EP6ZC8w&sai=AMfl-YR571gVPMIll1oCG2v48JjwNPVoy5AfVj_c8oA6zfqrHCHY_Ntf058yBoIaZqR_IIhZvIoHrYt4Al-1KGHw0ztSa-oVVCokCFEMt0fdQZ2Onk5w9IYf3NpH3hW7&sig=Cg0ArKJSzA7yKl4NNhN5EAE&cid=CAASPeRobuWL_5qw0xr9m73M3j87HS4YbUZKSjjWbZlqRjyrrgLaNePGu9HYmOWriYLyPR6yxNT6V3VPXg2WZ9Q&id=lidar2&mcvt=1048&p=42,684,132,1412&mtos=1048,1048,1048,1048,1048&tos=1048,0,0,0,0&v=20220110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3832951854&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641918331676&rpt=470&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 16:25:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gluehbirne.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 6198 858 B
466 B 129ms
129ms Image
image/svg+xml 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/gluehbirne.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcb8f4cac9358e0d78bca726b0c89dc1df284ce67cd078028f24008e184493e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 359849
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 436
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Fri, 07 Jan 2022 12:28:04 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Jan 2023 12:28:04 GMT

GET
H3 200 strahlen.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 6198 879 B
382 B 129ms
129ms Image
image/svg+xml 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/strahlen.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a647ffb391ee312ecaf646b14d0b60a004c8b60e17870ac28facc319b53955f2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 359849
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 352
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Fri, 07 Jan 2022 12:28:04 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Jan 2023 12:28:04 GMT

GET
H3 200 vid1_728x90.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 6198 6 KB
6 KB 131ms
130ms Image
image/jpeg 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/vid1_728x90.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe3a45122ffb45cdfaf3c9147f0e5407be5a08151b1025fb7eae18f1216da491

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 285350
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6102
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Sat, 08 Jan 2022 09:09:43 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Jan 2023 09:09:43 GMT

GET
H3 200 vid9_728x90.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 6198 7 KB
7 KB 144ms
144ms Image
image/jpeg 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/vid9_728x90.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a83e4bb2a98df95ee3291e06a76024c79b62aeb2b2c111d34cc84c5af241d0e4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 285350
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6997
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Sat, 08 Jan 2022 09:09:43 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Jan 2023 09:09:43 GMT

GET
H3 200 Wie_das_geht_erfahren_Sie_hier_728x90.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 6198 2 KB
2 KB 161ms
161ms Image
image/jpeg 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/Wie_das_geht_erfahren_Sie_hier_728x90.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df69871d426374758b8981768ef3caa480fb966e1f70e7015051837c005478af

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 285350
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1717
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Sat, 08 Jan 2022 09:09:43 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Jan 2023 09:09:43 GMT

GET
H3 200 Smarte_Beleuchtung_fu_r_Ihr_Zuhause_728x90.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 6198 3 KB
3 KB 161ms
160ms Image
image/jpeg 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/Smarte_Beleuchtung_fu_r_Ihr_Zuhause_728x90.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d595f2f2c4d32eeb822be8337ae5c2bc4302a7f6b32bbc4b29d4c5b86472eb20

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 285350
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2857
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Sat, 08 Jan 2022 09:09:43 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Jan 2023 09:09:43 GMT

GET
H3 200 Gemu_tliches_Licht.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 6198 3 KB
3 KB 169ms
168ms Image
image/jpeg 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/Gemu_tliches_Licht.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9552747080259280658a7ca63697792ac23f9eddc1b852af3851fb010469d659

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 358919
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2769
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Fri, 07 Jan 2022 12:43:34 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Jan 2023 12:43:34 GMT

GET
H3 200 Ganz_einfach.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 6198 2 KB
2 KB 175ms
174ms Image
image/jpeg 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/Ganz_einfach.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36317007a5b2a5523c31e36eee382593cf4f2a5b49923f896228c1e6eaa0f7f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 376517
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2077
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Fri, 07 Jan 2022 07:50:16 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Jan 2023 07:50:16 GMT

GET
H3 200 square.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 6198 9 KB
9 KB 180ms
179ms Image
image/png 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/square.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa0cd9475282911c184f564385b0b610767109ae4bca64c914af0cbeb722bb4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 376517
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9006
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Fri, 07 Jan 2022 07:50:16 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Jan 2023 07:50:16 GMT

GET
H3 200 homematic.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 6198 3 KB
3 KB 202ms
201ms Image
image/png 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/homematic.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91035c1fe5b437bc3887fe3c741f18a2135902bff05eadc228d77eead13b7036

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 376517
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2904
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Fri, 07 Jan 2022 07:50:16 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Jan 2023 07:50:16 GMT

GET
H3 200 10000000_668004417721209_7149902939002655879_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 95 KB
95 KB 19ms
18ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_668004417721209_7149902939002655879_n.mp4?_nc_cat=1&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF90cmltbWVkX2ZyYWdfMl9hdWRpbyJ9&_nc_ohc=-MBCdEZXRgUAX-A7e_G&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT8U3SYrcw_XrA_Dd2GTYjPXtOfUbvAVLDCP0eAhlJ28rw&oe=61DDD082&bytestart=208232&byteend=305962
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/cKWAtuxHlF_.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 61b02fd07d36b04ef48de425b6edae4b61f4cca49dbed28d97c7bc08c5361175

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:33 GMT
last-modified: Tue, 11 Jan 2022 09:35:11 GMT
content-length: 97731
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
priority: u=3,i

GET
DATA 200
OK truncated
/ Frame E990 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 vid1_728x90.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame E990 6 KB
6 KB 137ms
131ms Image
image/jpeg 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/vid1_728x90.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe3a45122ffb45cdfaf3c9147f0e5407be5a08151b1025fb7eae18f1216da491

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 285351
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6102
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Sat, 08 Jan 2022 09:09:43 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Jan 2023 09:09:43 GMT

GET
H3 200 Smarte_Beleuchtung_fu_r_Ihr_Zuhause_728x90.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame E990 3 KB
3 KB 133ms
132ms Image
image/jpeg 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/Smarte_Beleuchtung_fu_r_Ihr_Zuhause_728x90.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d595f2f2c4d32eeb822be8337ae5c2bc4302a7f6b32bbc4b29d4c5b86472eb20

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 285351
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2857
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Sat, 08 Jan 2022 09:09:43 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Jan 2023 09:09:43 GMT

GET
H3 200 Wie_das_geht_erfahren_Sie_hier_728x90.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame E990 2 KB
2 KB 140ms
139ms Image
image/jpeg 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/Wie_das_geht_erfahren_Sie_hier_728x90.jpg

Requested by

Host: hd.stheadline.com
URL: https://hd.stheadline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df69871d426374758b8981768ef3caa480fb966e1f70e7015051837c005478af

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 285351
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1717
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
date: Sat, 08 Jan 2022 09:09:43 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Jan 2023 09:09:43 GMT

GET
DATA 200
OK truncated
/ Frame 6198 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 10000000_1564591087247552_8499114858570597954_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 593 KB
593 KB 14ms
14ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_1564591087247552_8499114858570597954_n.mp4?_nc_cat=1&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9oZDFfdHJpbW1lZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=NBsEh4XqARoAX9Q6vsh&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT9Ouv_gkqm0rdCOg-7gTh8LeIEadoat5t8rei9n2QU52Q&oe=61DDD9A7&bytestart=1500549&byteend=2108094
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/cKWAtuxHlF_.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 882f8dae984f0c121304d9972eec8eb56091b684d218d422bcc30d18661b7c1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:34 GMT
last-modified: Tue, 11 Jan 2022 09:35:15 GMT
content-length: 607546
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
priority: u=3,i

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 115ms
65ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022010407&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d2ae52c251dc2e06a143fd5aaec5c01539f33cb22c2b4973943b06458131c60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 11 Jan 2022 16:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8673
x-xss-protection: 0

GET
H2

200

dc Show response
trk.hot-mob.com/api/v1/ Frame EF64
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=lively_impact&google_cm&mode=chn_cookie_matching&channel_id=13&channel_cookie=wap.e9ae466622ffda35468ece15ca761d2d
https://tracking.fingereach.com/FRADServing/cookieTracking?mode=chn_cookie_matching&channel_id=13&channel_cookie=wap.e9ae466622ffda35468ece15ca761d2d&google_gid=CAESEHf1nOiDsVfWtn-w8YgBjF0&google_c...
https://trk.hot-mob.com/api/v1/dc?id=wap.e9ae466622ffda35468ece15ca761d2d&alcanzarid=fr1641918340532mC0&googleid=CAESECFLQ6uU0dyFaFqW9rrtUo-&t=alz-mapping&e=cookie-sync

0
294 B

325ms
296ms

Script
text/plain

2606:4700:3035::6815:524
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.hot-mob.com/api/v1/dc?id=wap.e9ae466622ffda35468ece15ca761d2d&alcanzarid=fr1641918340532mC0&googleid=CAESECFLQ6uU0dyFaFqW9rrtUo-&t=alz-mapping&e=cookie-sync
Protocol: H2
Server: 2606:4700:3035::6815:524 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSl2zByTzGW%2BW41EiiwNT1YSJGjyp%2FEDiY90ecb%2F0baBtr5bE4ebpbS2BdAkDA9Mi6I%2B0qEXRF1q3Ew8GDgE2JdbRtq01Nitxpg0jzbLgg4IxMTQkL5VhI7gX7aHNzMoXLHjYRFQDAqIFqp9%2FrI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6cbf809d69f14e14-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Tue, 11 Jan 2022 16:25:40 GMT
Server: nginx/1.14.0 (Ubuntu)
Access-Control-Allow-Origin: *
X-Powered-By: Servlet/3.1 JSP/2.3 (GlassFish Server Open Source Edition 4.1.2 Java/Oracle Corporation/1.8)
Content-Language: en
Location: https://trk.hot-mob.com/api/v1/dc?id=wap.e9ae466622ffda35468ece15ca761d2d&alcanzarid=fr1641918340532mC0&googleid=CAESECFLQ6uU0dyFaFqW9rrtUo-&t=alz-mapping&e=cookie-sync
Cache-Control: no-store
Access-Control-Allow-Credentials: false
Connection: keep-alive
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 334

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 681ms
681ms Script
text/javascript 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Jan 2022 16:25:40 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 59CD 13 KB
5 KB 128ms
128ms Document
text/html 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Fri, 07 Jan 2022 00:05:34 GMT
expires: Sat, 07 Jan 2023 00:05:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 404406
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1B99 783 B
535 B 49ms
48ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

de97bde8dbb2b393b7580a9c3213810c2627b4f1bef4bbf4d1a4e226e7680301

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vABt+7iJaD8ackPGjpBDGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 11 Jan 2022 16:25:40 GMT
date: Tue, 11 Jan 2022 16:25:40 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-vABt+7iJaD8ackPGjpBDGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1B99 0
0 187ms
138ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022010407&jk=3408627940397629&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js Show response
pagead2.googlesyndication.com/bg/ Frame 59CD 35 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afc9dbc00248a190b1598bc33732f6151e3cd2569aa15ecb5fafe2b4a34f2bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 12:26:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13292
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 12:26:30 GMT

GET generate_204
tpc.googlesyndication.com/ Frame 59CD 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022010407&jk=3408627940397629&bg=!Q0ClQATNAAbDtiZlw7Y7ACkAdvg8Wjxdm9csvUWbODef3x2sYcAF9iAXLYwfSYqQEBsomV2Us4G9OQIAAAByUgAAAAtoAQcKANVX9XT0uppz86T6JcSZnSB73HDxDOBJ0tCaP3FLP8LSDizPQGIr3D56-XwA0ztsSxN-dpoRPqPXhNNnqi8xEvNsgdPWeD-Mn5eEHO5tZplFiiwzvuXIt9w_8A8rJFkRNLA0IWgBcAElOQ9fWL4nFDddL7cWA9ZQb7IO_Rju4b0ajsmZJiRLp_dNblDX3DNttnagvlwFWaC-47lDbZ28YHuO1m4pC2JtFa9L61_IIuo_7nphn1fNLUcQkpiu3qthBSyPbcnrqYJVElhuznlq33bSQAnXJ2WZAokFIRRMO6IZiwNk3DrYMB6Cp1hecKTvFjaFDJ_inblo9gcLrYBY6Ew46Jri3aw-jGDewvTPfVfeqxAehVapKrh-AfZy7G1OQeLOkdcFQhZe13CmQF5T0G0tpenG4qyZsGSLJB4EN3tPm5CdYdFskaAp8zrVLIdZkFZ4o19q-Sa6cUk51rJ_Wy5air4L3n0SWDRQH0I2fp0Sgo73wBaezgK3iKeETGCPGCCl3bqPPg7uZ0VHbepNHWMa5M2RCwPUG0iFtg5mY-RjAlB0t-wl7mLvlJR3m-5-XogA_eFy-V22JgOONN-cLFeDFooAqe5u2GfxbJA0VMTQdr4QDmFv2DzLklubGSpgj8u_ZmcU7liUGWvsZ5M77v8-cFM5Ldi9Tx1t2BD5hnDuK6IW4gaTJIkaFY6JqV30dVAsfygM5GdeOxvLd5pEYHMkfnQKlyOqm7eSolgHPqBsjAdn3Nn-nfjkY2cNf4rCrv-YznXQzvxzigxeZssrKr01DZKBse9JDXIUbD8zfo3CI2yCpsnPfJaYDgElfS1JP24aYgfvwJlGPhfKqrCbBzCJqxSPsLmhH1DUAzwsRKDS1_eKybjWK3bcxy6IOr9a3CqVMCCjeZGvnAlKJbN_kGjAG1YcgpeSFp08veh8hKnDjwqqjIrOknTWKX87ufm7tk6UyZkqflMGvMqeur9AyH9pzjMcIA--xlDU0v2bDhC_3VXqmh0j2xiduzTeRp43cKTEm9nSx_4Cg_G1TmG-oZlVZ1iof7UiB6e5saPZr2mwpeSgtZRnOE3wE9rXbUs8d30NImarm4X8l4HJneWOlfE2ABEySvpuYwGAtQWqwC9cbi3LmZTV5RR5mvN1RVLQ1j96

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 16:25:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ 64 B
442 B 63ms
62ms Image
image/gif 13.33.240.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=9053246&ns_site=news&ns_vsite=headline&ns_type=hidden&ns_st_sv=4.1311.28&ns_st_it=c&ns_st_id=1641918333050_1&ns_st_ec=2&ns_st_sp=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10001&ns_st_cl=0&ns_st_hc=1&ns_st_mp=streamsense&ns_st_mv=4.1311.28&ns_st_pn=1&ns_st_tp=1&ns_st_pt=10001&ns_st_pa=10001&ns_st_ci=110210&ns_ts=1641918343052&ns_st_bt=0&ns_st_bp=0&ns_st_pc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_ep=%E4%BF%A1%E7%94%A8%E6%AC%BA%E8%A9%90%E5%B8%AB%EF%BD%9C%E6%B1%9F%E5%8F%A3%E6%B4%8B%E4%BB%8B%E5%8A%A0%E6%88%B2%E6%BC%94%E3%80%8A%E4%BF%A1%E7%94%A8%E6%AC%BA%E8%A9%90%E5%B8%AB3%E3%80%8B%20%E9%95%B7%E6%BE%A4%E5%87%BA%E5%A0%B4%E9%87%8D%E6%BC%94%E6%92%92%E9%8C%A2%E7%B6%93%E5%85%B8%E5%A0%B4%E9%9D%A2&ns_st_ge=*null&ns_st_ct=vc11&c7=https%3A%2F%2Fhd.stheadline.com%2F&c8=%E5%8D%B3%E6%99%82%20%E6%97%A5%E5%A0%B1%20%E5%B0%88%E6%AC%84%20h1.hk%20%E4%BB%BB%E7%9D%87no.1%20%7C%20%E9%A0%AD%E6%A2%9D%E6%97%A5%E5%A0%B1&c9=&nscustom_category=f&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null&c3=popnews
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.240.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-240-11.hel50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hd.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:43 GMT
via: 1.1 2927b5fd4ddd05be6a9ce18058f195ee.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: cXcodSiksWKr6gpr1h9UnhPleOaloAj1bywjhiP1iMlg9oIfdyO98g==

GET
H3 200 10000000_1564591087247552_8499114858570597954_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 574 KB
574 KB 12ms
12ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_1564591087247552_8499114858570597954_n.mp4?_nc_cat=1&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9oZDFfdHJpbW1lZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=NBsEh4XqARoAX9Q6vsh&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT9Ouv_gkqm0rdCOg-7gTh8LeIEadoat5t8rei9n2QU52Q&oe=61DDD9A7&bytestart=2108095&byteend=2695421
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/cKWAtuxHlF_.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 679d69e57a480c2c4cfa5e3d5e104e98af6ea49378417abffefd3a3cc2ff2553

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:44 GMT
last-modified: Tue, 11 Jan 2022 09:35:15 GMT
content-length: 587327
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
priority: u=3,i

GET
H3 200 10000000_668004417721209_7149902939002655879_n.mp4 Show response
video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/ Frame DFF7 80 KB
80 KB 12ms
12ms Fetch
video/mp4 2a03:2880:f05b:a:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-zrh1-1.xx.fbcdn.net/v/t42.1790-29/10000000_668004417721209_7149902939002655879_n.mp4?_nc_cat=1&ccb=1-5&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF90cmltbWVkX2ZyYWdfMl9hdWRpbyJ9&_nc_ohc=-MBCdEZXRgUAX-A7e_G&_nc_ht=video-zrh1-1.xx&edm=AGo2L-IEAAAA&oh=00_AT8U3SYrcw_XrA_Dd2GTYjPXtOfUbvAVLDCP0eAhlJ28rw&oe=61DDD082&bytestart=305963&byteend=387806
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/cKWAtuxHlF_.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f05b:a:face:b00c:0:1823 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 3ad3c6090d54fbef84020a1ea3efb8bb9bf2d1aed31cc6b6181b134d64d638e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 16:25:46 GMT
last-modified: Tue, 11 Jan 2022 09:35:11 GMT
content-length: 81844
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
priority: u=3,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?VlM5CA

Verdicts & Comments Add Verdict or Comment

227 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hd.stheadline.com/	1970-01-20 00:05:20	Name: acw_tc Value: 4f85b19516419183265115259e74ef7ef9cc7035ba76d7e60c2676dac4
.demdex.net/	1970-01-20 04:24:30	Name: demdex Value: 51744879261176482361561322553908381230
.stheadline.com/	1969-12-31 23:59:59	Name: AMCVS_E1E31A3C5BB4BED90A495E47%40AdobeOrg Value: 1
.stheadline.com/	1970-01-20 00:05:20	Name: s_pn Value: %E9%A0%AD%E6%A2%9D%E6%97%A5%E5%A0%B1
.stheadline.com/	1970-01-20 01:31:42	Name: s_getNewRepeat Value: 1641918329644-New
.stheadline.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.everesttech.net/	1970-01-20 08:50:54	Name: everest_g_v2 Value: g_surferid~Yd2vegAAAHwviwPg
.dpm.demdex.net/	1970-01-20 04:24:30	Name: dpm Value: 51744879261176482361561322553908381230
.stheadline.com/	1970-01-20 17:36:30	Name: AMCV_E1E31A3C5BB4BED90A495E47%40AdobeOrg Value: -2121179033%7CMCIDTS%7C19004%7CMCMID%7C51312170198466708131535773086328010911%7CMCAAMLH-1642523128%7C6%7CMCAAMB-1642523128%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1641925528s%7CNONE%7CMCSYNCSOP%7C411-19011%7CvVersion%7C5.3.0
.scorecardresearch.com/	1970-01-20 17:22:06	Name: UID Value: 1723HQBQUCR5JZ4XKUKL6Kg1641918331
.demdex.net/	1970-01-20 04:24:30	Name: dextp Value: 481-1-1641918329837\|771-1-1641918330045
hd.stheadline.com/	1970-01-23 15:41:18	Name: hotmobCrossSessionID Value: wap.e9ae466622ffda35468ece15ca761d2d
hd.stheadline.com/	1969-12-31 23:59:59	Name: hotmobCookieVersion Value: 1.1
hd.stheadline.com/	1970-01-20 00:05:19	Name: hm_dc_session_id Value: 5de56d5d95fc3f92fa583a3ca8a16ca6
.stheadline.com/	1970-01-20 17:36:30	Name: _ga Value: GA1.2.933982744.1641918330
.stheadline.com/	1970-01-20 00:06:44	Name: _gid Value: GA1.2.1173446615.1641918331
.stheadline.com/	1970-01-20 00:05:18	Name: _gat_UA-41819048-4 Value: 1
.doubleclick.net/	1970-01-20 09:26:54	Name: IDE Value: AHWqTUnO0y3ei4fD0dxiaYJh06a9n9eiIvm8q-9tyiiVvxZIfDeDdGo5KmvHeUYu7P4
.stheadline.com/	1970-01-20 09:26:54	Name: __gads Value: ID=c6611c7130516e2b:T=1641918331:S=ALNI_MYwnCF6hoGeAiRE4rhD6ToIrvOYzg
.doubleclick.net/	1970-01-20 00:05:21	Name: DSID Value: NO_DATA
.facebook.com/	1970-01-20 17:36:30	Name: sb Value: fa_dYfbQoYNX_zV6mbobMdfG
.facebook.com/	1970-01-20 02:14:54	Name: fr Value: 0U5Iz0q5YCZXr4p61..Bh3a99.LN.AAA.0.0.Bh3a99.AWW4q7bkGUA
.stheadline.com/	1969-12-31 23:59:59	Name: tp Value: 4304
.stheadline.com/	1969-12-31 23:59:59	Name: s_ppv Value: %25u982D%25u689D%25u65E5%25u5831%2C28%2C28%2C1200
.fingereach.com/	1970-01-23 15:41:18	Name: FRID Value: fr1641918340532mC0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://hd.stheadline.com/(Line 784) Message: Unrecognized feature: 'web-share'.
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

94479b0f22e282187c786789a1136947.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
assets.adobedtm.com
cdn.ampproject.org
cdn.jsdelivr.net
charts.megahubhk.com
cm.everesttech.net
cm.g.doubleclick.net
code.hot-mob.com
connect.facebook.net
dpm.demdex.net
googleads.g.doubleclick.net
hd.stheadline.com
hkhl.hk
image.stheadline.com
pagead2.googlesyndication.com
res001.stheadline.com
sb.scorecardresearch.com
scontent-zrh1-1.xx.fbcdn.net
securepubads.g.doubleclick.net
singtaolimited.sc.omtrdc.net
singtaonewscorp.demdex.net
stat.stheadline.com
static.stheadline.com
stats.g.doubleclick.net
token.rubiconproject.com
tpc.googlesyndication.com
tracking.fingereach.com
trk.hot-mob.com
video-zrh1-1.xx.fbcdn.net
video.hkhl.hk
vod6.hkheadline.com
webapi.hot-mob.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
tpc.googlesyndication.com
13.33.240.11
142.250.185.66
142.250.186.162
15.236.176.210
203.80.0.157
203.80.0.172
203.80.0.196
203.80.1.102
203.80.1.166
210.177.64.9
2606:4700:3035::6815:524
2606:4700::6810:5914
2a00:1450:4001:802::2004
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:827::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c02::9a
2a00:1450:4019:805::2001
2a00:1450:4019:809::2002
2a02:26f0:df:3a5::1e80
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f05b:10:face:b00c:0:3
2a03:2880:f05b:a:face:b00c:0:1823
2a03:2880:f12d:83:face:b00c:0:25de
35.241.72.115
46.51.218.109
52.18.187.187
52.211.244.253
79.133.177.227
79.133.177.230
8.39.36.141
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0186d7dbb38f18caf3f953f0b546a19de826fec6ce09d274c4b88f0ad2ed42d7
027256074e32660039674020bd0c3c753f54ef183735836c5826196acd059e91
033184ef75890f2f9021b4a16b0e2fba7068b065e78fbc423a074e7eef86de25
0399b3714b972cabf60a8df2a5209a23b83a4c24cf6e130e12bea39388545606
0400dd02ed2f7ea80356122526b08cd158e504f528ac15a91156bc8858312fb2
04e62b706f7326a57bf0ef734fa7c35f7542f379e777835f550ea2d8a30b2544
0784f19c1665842ea90014aac95be88262a2d60ddae2a033d2ddc9ae1dff2af7
0974d5da65373f9848c8ef02ab0b9c906ed85724e2d24f7bc9938be23221990e
09d63218a8d88c7134ed07f880df08411bd2665532ab7f75f060e955d154c3ee
09f374891132dde719289e5664b2e6b6b99970ff59cf5a80f10dfb0e0b40b385
0aa0cd9475282911c184f564385b0b610767109ae4bca64c914af0cbeb722bb4
0b9cf9c5d4d128f772ee7ddfce66f324edf2d54f967fbb78f135a0e4d371cbfe
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
0c7523ecb8adc8e5960ee704ff8adc9c151147788d1b9ae788583d63472026d7
0d156e1622747cafbbf76f229ed6b01a6fa8e926caaf20b1090418c179c10c70
0d2ae52c251dc2e06a143fd5aaec5c01539f33cb22c2b4973943b06458131c60
0d6aeccae97f8afc180c067875efd44cd1ab913e62201a2befb4fe227f2dd448
0e8b176ae4ed952c964e4096c8e8943b2a805d9f6ec2facc88ef6d9e968d88b9
10c8bfa039f153cd5ae0f793012f86bd9bfabde5ccf0181577e4a60c31688805
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1517d807ef62fd59eecfac3446954f0a7fc091e5476e3cd77a60b1056d601b7a
155f625e79fa569cad97651cd9d39d32268a6418b91624edda7fb2da8382600e
158f2be36a23f72c07c1ee9c9bdd2f69063d097c84ab78b69dc10c6a302c98bb
16212a75f90159d6f7fef0c466fb03e911b88841b1f57840834c10339bdae399
17633a7984c3ff0589c32e2241a8d78f236db451f878dc5a638efd220d262a1e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
186b0f1f58079b0b5e78f51cdc5ee37c612ecb7b90b8cc8f362e8f41c31cf106
18890b593c986c4c9638803cd5dd002541c2be7f2ad55c5ca654a37852f3e22a
196d52414a28790ca0247529b9ea9ebce6ce43d16dee8e6df3ac6d1a13c66426
19fc86c605ad28013ec38eae20616fe88f6635d5e0f6fb6ae6684675d9ddfee8
1a24cf98a6a928d977c514fa6e2064c8bd4b22e323937715dfcde71bb203106b
1a7fcc2053126dbf928ca9aad1e35059118af437f84d634f1fe58567c1ecfe34
1ac872b509cdba37add6720f52f34c42c119a97e2ed3d4583a0bad1bdaa5016f
1bb82209b8ba4f1d8b24bff8adfe15a57eb8498f96e64e949e3d9480626d857d
1bdbad79abe39829aab8993d33e1fa35e048e1c9c4687e4fa95374ac5a6d3746
1cfb73df05de1b204ad9c2b2d24b83b6d5b4f07c43108d51a60f97f457b9dbf0
1d929ca8231cdf7dcfd696c6d44475cc44f8e924c7863ffb7fc5802102ec80c1
1e03922084797c4e164beef4d87fac8599b4b1956d807dbb95ff302cd36bc872
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1f654ff81d90829e1920bb91b7b84655ab7f4b2ed4651b56af4a831b57175dd9
1fcb8f4cac9358e0d78bca726b0c89dc1df284ce67cd078028f24008e184493e
1ff9575cea341dc85b3b2faf5341433ee4b474feb3751dd82cbe62d57cbd54d4
23b7cb4de2bf2722c92209cc7d8d260daadd70f7c2e570a6d2ad668159098bf0
25bed4328841dec3b54605dc1917dc506f498ce055d655129c02bb8975a5b879
25f76160731f7eb1b428da6b47cf5e090e6adced076c4435baf1cb8fd4c391c2
27f7979d487134c6c3483a6806806956fc893bed2c53f8c515a11547e916b731
2925dd157f5d88937d72985a22604c28692380777b45aaf9723fef3e75af5902
29557ef336e8acc0c32f988b861ac4b1afe1b92c8d58503df0a85f24390037c6
29ff702612f2e6319d6615d64bc6ee97f40bef138e6cca812347bea41cc5a3c8
2b3d0642830517ec7f5641a27c2ad597eeebb78408f005896115bb2f260f6670
2cbf0f83cf9a64602ed13c4525ff3b969382bbdbe07eeb8d656f0cf639f9424c
2fc5d62b3d260233c10faa4804563d1c5a631ced8b52cf7b2168401fe3b9a2d0
307d753f986b044663034f6fea71a3b19f92bc7956f7a4ac9fbb6b0674b0de46
32039c2d385cc4ca5804c9467016e67e2c14c2da3a88ba2e7043d87905ac7034
32a88002f35eff5e93c02eed223dfea38e568f21d1c1a699cd63be40df7db3da
3302b265ed9b883a761b85e63d733266b71e600e7223cd4dc185e6210030067f
345272d368f41891c6383f5fd3c1c4016e4bc1fac7c6b5ec4239eca2abe3e9ad
354ad57c60e13889258605085cf85a04287c81e01249cee0905488c5c2d0d5d3
38ae38140d5cf7dc3b516d04dd50bfaf73434f0d37adc5767a727ddaa08e9a4d
3a6ab3556729fd2cc0898dd3ff7aca936674d7c7b48129b972ee5c9cd386c330
3ad3c6090d54fbef84020a1ea3efb8bb9bf2d1aed31cc6b6181b134d64d638e0
3b4ace8ea941028012e2cfb52be5c4c79a2cfc8d105d14c78f90408e45cd39f0
3b5d1371a61f1ae375b96295edce15313a3caf6bc1db273b519fb592fc9a7aaa
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3e226242583e4956742c67fe12bf9d751c86a16883d4ffac9db6c99eeb8a490f
3f2bbe6213127eaffa122d79877cd7453158fd8af7f0fb81545d159d211f90be
41b646a874e4cc09d73c01cf2a4698fbd6285896e649662e4973ea6db703d05d
44c580c6111838dad9b043b957ab660884e174208acbf200327e7011bd9beddc
450a1035407bb96121aa11f7bca0c12294dc271e78cbade9d0052b551a7eede5
47a11f8a0c3277ee7f855d1ee98d3b2e400d9741cdfb94efde8aeed086758d8e
4b19cfbf0b52bbd6d612f4591503b0fad28c8ba7b5a8a99a656ac2d90ee8f214
4e5d444d11e6905c76bb16dc816f2ff475f33f0b72420fbbf32ee3489254c467
4f69fd45ad3312c86269ddba0fde761925fce222e5fdabc62b2edf519607933a
4ff64a01ca56a68e14987a2832af970e299cced99e9ddc194c9f495010c80b34
50149c85c46f713e3fb5f52388e0f985c3e80cc59a5fff646255097795ccb43a
513c0be0f69c7f1625c845cd911d3a2e7eb1203c17e65278ff5b8b920072f399
5140ffadcbe20be10c2e123286833078362c1447e8e2c1cd5a2865e87872481b
52a990356dcc2d9b15abc600e4bd6aed03d74cefb19942981ba6a5118f5b7c65
52d9066f67b408e6107068287a73c28927a0b36aa84a3248361b0437cd1990b7
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53dd9835f718eeba7aca069375da3717cd8a429e02d01e6ab49eccc272f0f8ef
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59292264d9561a82edd2f1f12e480c5f8a75cf70b1be40ffd4d111201fc0018f
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5b0dd2d5bbc8c608d27ec2d725c1999164e5a2a0c3dbd7bad73d0e15a3decbdf
5d0db06f271f9019c66fdbf7c0b1675aa7ba41bd5a8e17a434e4300da8ecd28c
5dda745de712d683aec1ffb43b6652c3f66a987365d10e766b5a4425fece998b
5e8f785115f25ff0e342c3537d89dbd804dcbaecc35c6a1b0ba4b391d79eb146
5ec0642d6ad00d4874c1b6d6246eb5d84f2a3a8321d25ccb06b78360e83aa5a2
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f35277b207d775c5174f66814fa4328c030088dfe82b20c71f0adb2f338ae6e
6015d633930297d1d79fca4175699fe4a8b4c2ffc5bd2a284c08420e92e4d2f2
60a07b1b77cbe851e4372f32eb3df625cc77865897dcf4a256f20a66ef8949d4
60cc29bdfc1c88b9ed4d13cf3ff332b8f770fe66ce996c464640535cad86bdf3
61b02fd07d36b04ef48de425b6edae4b61f4cca49dbed28d97c7bc08c5361175
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61dc28756317c72466f00a33f37d8f155d5c43fcfc7b7604199c807ec5688ed2
62396c150946104d4809279cfa87658c6733aa1b816420bbc620ead53e005f32
62c3e26df9015294db7f353d39478a0eb0c5c4c21185bad2a144f7dd5c9c2ecc
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63c4eca73eccece0acc4fb748f61373e909665bb9a486d961682a36f5701a1ab
64055b9ee895e8ac9fdf64a6ace82dcbd3ccf040b61fb8cc738e5fa208b98988
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
679d69e57a480c2c4cfa5e3d5e104e98af6ea49378417abffefd3a3cc2ff2553
6abcc7592526e14df34a427062db1313446aa69e31caf75ded84a150f5feb1ff
6c5038025e687a4e9656aee6b9019d6452dc4f89069d40f8c854f61f2dc2a954
6cb5617edd79f36690f5f962d6eec9c852b037bd3dc6f1f7c65756747e09bb54
6dc57f8793a60a587c46f0d3ba69dcd41180a6b3d812a4f423cc97f3a966af49
6f8824a524bee61aef45526d005b684f8d198073c9754965073b362b03cfd290
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7410970b084a5256d674b1d37d7f5780053f8eab8b158d8b09edad86fd34562b
74b577ae32c1a81cd3b0619e463a1f90978af4489c6978a735d0a19f6059ce2d
74c50229639f651a115f1a6e572a0a0f7bbd8c506aa97df59a9fad84183dc8b3
74f46ac5adbd5095805e2d882ae04fdabcc2c3d108ac806470e1f052bd474f3b
7538d006ee781d6a7f6030912d2cf79f8f88bafcc47ac3eef81cab83c210cf4b
7644fc937bca4bcf108d4cf10b8aee92a76a8a0af6e6c74a0be28d26f3639766
7836045da7609ce521ded10d50662408fed85a90ba0c74e58700e0dfaf797989
7ab06dbd04b0f54e6cbf1dcd3fda5fd5cfc3e38295d3ef318cda7f61d89aa554
7b2126a7c61d436b37107d519e20e43f2d6f08160dde84495d2359bf2f322c1c
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c118c45be0d1cf8017e19865dbde4e5b391406d492fd50b11fd7b5ef480e40f
7c79ec3e4616a77c6647a80216c49fb9cd31fd1993221e716d9ad5540c59fd07
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e4d155acf1abecab0cb5a30645627a2742ff9ef0a52236ccaad865d2c095bf3
7e79fc1135b532a552f4ab3d934f80fc4510535b3bd0c8439b8fede86db4fb41
80ae2f0e55f139d26a72f71f5cb3d15bef7d21c02055590bd657c5617b328571
82fe6c4cfd96cd8690139c82c535eb9832ae54d3735d7c881c2725fb83767a6c
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843ac01149cced785dfebd0028d3b03ba78e286e1c6f9517ebfcdb609d97af4c
8459366028c0a6c68351c1d0f41fe9a2fcf2fc401c3f90ab03e9917e887de475
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84fabbb79a7c4d6f1d57e2d886fb500a9a672c7e6c1f36b4fe7102df64698e12
85ae46b458763371a5d19e575242cb3e804cb04de00f4070cb73c8ce00a68f69
882f8dae984f0c121304d9972eec8eb56091b684d218d422bcc30d18661b7c1b
885c8ed798df0e03d851e0f9c5a6b8d3d4a9e543c3e83cffc3f9a7a579a76ca0
8a7856e4cf81821b7092b348542a84ea84eb600a0cfa78ff68c9cec1b1ce88a2
8a956840b7c5ce92d4dc97729b3c1118162bdd72aaa72ce9fe1294d2c02f7fb8
8b1f03b77cbd66e5f1fa9f3f153c80c53938441d5de1a563ee9585f0bf3eb554
8b30307d6aaec78226b4700600a96137cb473f514df80fc4355ed970b2702886
8b80962407aedcf612e64d21fcf7883e2cd0803d1d63b2ccde3b66dbfe2d9198
8c52c6ade244212dabd3240f96cd3874470dc62a5cdfdcdf413490a5b9040641
8c54a9da34590cbc4ac016796cef4050d5bf8a94b1ed94ed89d86b9ebaebab6a
8c7d5b45d79382a4e49209a3926b9d22bb8bd9f9f79432e6e12b815d888ea72a
8f49588f1adda27e5a0b22dda90d9746413e06156ce473de9aac221c767af3d8
91035c1fe5b437bc3887fe3c741f18a2135902bff05eadc228d77eead13b7036
91e7f077664ee9356ee7429127b4d9737f2ac247add6eedacd3a469f5538d5cc
9552747080259280658a7ca63697792ac23f9eddc1b852af3851fb010469d659
96ddf1ae826e10c7aaafb6fb3ae8c110bb5683328b050d4f45ee08d9a19f82b0
98b43100874be7e184ce50e8c96417334c0e84b2710a2c6df554a0cf36a79fd5
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
99b0a08741d954d18b3b9072f4e9695f7f2ac9531d816024c09ebb572dad8e3d
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9b1f8fab82b18bd152cbf6c7519328a951c56627685c98560000ea1ecafb5b72
9b967a69371e3af4e63c91981001d84776d23811a57f5c9c6b3a96b6c2da9310
9cda26c6ca123d48661a5f67c1f94f0a5382e5303a256c9b2eb22671c96fbec2
9d6976e476e123e4bffc2de205b099a993e52b3aa858c5e9006571f55d1f28f8
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a28923a2362fa0f04746bb03e4c57f00f02b5b136f347bdf790a140dcf0061c8
a36bc631b6fef3fd0b6fc60dc0e5596ea7c88ba69583cb6bb85748ee46ea63b0
a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54
a3e4124a5baa9fe5f4a378b0079f9a236bc46d2cef86bfea595b9567658e1c6e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a647ffb391ee312ecaf646b14d0b60a004c8b60e17870ac28facc319b53955f2
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a83e4bb2a98df95ee3291e06a76024c79b62aeb2b2c111d34cc84c5af241d0e4
a85afcf0346b08217e747c1e0ed04b7e3641043802c1931ed9e2e9b3fcaeceb6
a90e2357be80d19f9549afa5374d3ccf0c0e6eb21e4ba9e4fb1210ead27efccb
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
ad59f0858e0c0c3ac53ff8facaaf5f986ff5a7c6e992e5771d8e202b668b71df
ae48acb5feb5671038d418e329e69022d642ce8e1843f8cefe65f0f3e2636c2c
aea3a63ac8e9fc878e49c68e6b73a4e958863db8cbb806b0bd56843112f1dfdf
aeca8972210ef71bb5529fef5f2b59ad8ee8baecc5f7f0c36b4657f8d74e29b0
aee1ea9f754b2b4789ebd1f61cb18062b82b75ea6d873f8fdc04ed29bfa47b19
af0c68f31bfe3eb2d22a56b6b42eb08185d624a7551f0faca4e9426956e9046c
afc9dbc00248a190b1598bc33732f6151e3cd2569aa15ecb5fafe2b4a34f2bda
b18a2cce3029f2fcbd102787aa9f74bd9e05ee995f8bbee4f88d0a98bde18d9b
b2c37139664ae4fc1b35a05d56ed4e486476c687581b191f19db7823689ebbbb
b349ada854332ff15dbf6d82d353d51ecbf87e99d510616509ad7cfc1707ff00
b3fe1b8edceec287ca0d158311e1cff6b49d2e31bfc56a7055b2049e21a7adb1
b453f7e482e40f3a63792b350f23d89ca0a9067676498d185281961be603176d
b469af5464d49fdbf6b48594f02c90e102c7925aa8afbf8bad80b573348d107f
b4995eb5bb05468640e2cfa1a35212cab11a28a872dc6bf63b412999fd473b3f
b5a33fb09c564f7c2c93c4751d27814fea3097ea24cb59e7f81f557d1fefc91b
b78c7eb76e37e4285db817724803514c815aac4ce085121efd9dbd0a1595fe1f
b82b70e8fb6162477bfa925fb2bb2aa6ac05fcc35cceb9daf9ca9ec3a2bc6ea2
b9ae38ad5fcb3ce0146df259dcfe77f2afbbd76d28bd93480210fc16edd1a7f1
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
bd88c8a6443878c1b90216a199ab6be673d81237da83f5216d3961eab73c3891
bdfe3a2b1cfc249d20f20867371282841afa1757342ed25421e4c3e0f449c581
be4baa4e0a065007c624ad61b19899a07971e5f8a5bc2207f56de6a54a88821f
c005512a2be02eae5769fc3624147b1fe1c0d1127ada713c5d83f54dccfe47f6
c2d67d3acdb757568521a41e43c61a273f43faee68fc74f41775b3d4039f0df3
c4e53c7b968ffd0eff818eeafc11ef11c5ca0f222afd9f5992a1566c1d5655bb
c59a112420dbd9dfe93cef3cc5748a877d60f03e8441fb506f908459e21e769e
c5a6b2a1e55e92c33f977bbd6f047cdec63b8fc1d87de48ea0201fed7a40ed64
c65e0315c09b245b1086ff08283f7f7c1f1e94c91bcd92282200cd34f4474b29
c7ea3cdce10dca254bf006e0c30bdb693fcab414178b3dc506bf6950234edf7d
c8373be4a808d2ee982d4f9df771ac0831502399ad3e2aa59f77bce16ce70305
c87163b3de163637fc724ddcdc96e71d400670e244fd6b04bb4a6a59ea82285f
c8bdea55d2a6eac001922a61dabc2dfae7ddbef1a3de2c786996aa2b13f3e6d7
cc544058a74b8854d1a04a48c60f52c76190c31daeb8f3a3df0af0be18930ea6
ce8e3530e63bfa05c0ba8eaf738365bca1bad4ed4b46e487c8d877050f1ad474
cf20b1c7ebfd8744af0ab794f09ee6f06bd0ff753e8a9d1b9ab5096053f11d30
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d011e9bc48e657ad60e2db1b827476944a09571e2e9c64828b45fae85a8e0fed
d11f45f0547ab1865cee457d765676e17108538cfc3d9c5636f664a061579131
d13e08892ef48393ce58c434f13b67418c7feb03d70c2cf67772272568e969b5
d36317007a5b2a5523c31e36eee382593cf4f2a5b49923f896228c1e6eaa0f7f
d4d964d6d34df7fde3554039d33b468b74afee14d6526a87b926688f0fc8d93c
d5189c595e201ea6cd8f342de726bcce00d7435a9ec4b1f07879b6608c9b2e61
d595f2f2c4d32eeb822be8337ae5c2bc4302a7f6b32bbc4b29d4c5b86472eb20
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d847a2b472bb4f98a901aecde2461eba0d47978d1ee4c0e386e3ee299e8ed96b
d8fa69059251b2aa34acbcad47d1b54461f8e31fc4748f83deca7395db6a61c2
d9c8e5ef82dc427ee83b5a4d7daef27d95ff700ee5644d2e899d85ffc57f7b27
dbe46c496bf7035369bce1b4e6aa6fbe02f54bc7f81be5b366fcc97e0081fd86
de0bc01daa8996739e538c4c3f58f458bf15d737d35a8cddb0d8d8d1d800db94
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de97bde8dbb2b393b7580a9c3213810c2627b4f1bef4bbf4d1a4e226e7680301
df69871d426374758b8981768ef3caa480fb966e1f70e7015051837c005478af
dfca5a42642178919b7877293effc5c83e3501e7ccdd117cf0fcda37dd2ad122
e367caee0d9e8d1451ee6197cb2555719bc1011ecd6952e28ba67e8edbf8b7ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e992d0990ee9195845eddedeeac807e0f09dd42324e18bd03bb17e9d4a1640
e490ddfe8120f1602aa7205c805b2730025bbb05e6c3b14da57595e1df0c2529
e52f58ba9a5e56daee2098f3af529a8c1814d51851f89e767a679871cbcb16dc
e53202133a17df3372a7ed8f3b2cd34f674c389fcff93aa46d6bcd72bfa4bf58
e5f039ac18a2b16081344ee6ec1f25625e15cfa30ff6221037903f6481d2e349
e8c854bdad569517f51ae5122afecd34e1cbad187ffb9ebbf0370b71ebb3dd81
e8f6e94fcf43c4de739a29673ac26d9d7e29aa0e7227af066ccbab5cf4cf8ad2
e9311c7873a02cb0b3e5d466e56bf4933ea8696c5457b02c1fd2f53980ebc393
e948a8076142147c982672fef0f54bfad180b264b0431bd53819358e79051704
ea883d10d3ba1069465790ef750c18dd9559bfe9533d006b18f7208d803fc5c9
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ec88316f64caf440acbab01fe2b751fded5d133c32a6936e250112a3d5e01124
ed5169dd88d3f869771eeaaa2e171560f6513736e771f033e6950a4e3ff32407
ee9a67f6c41000c625cbe991e19755998aa03d991281a9bfa9c6bd9a9dc81b41
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8f1c9df6d6e8d508fdef7fbcb913c09b82bbafa56ecafbf985bbb4e6b3ed43
f0ecc9be2916a80a19ba3cba87fde44c599bbedb0060c8f42f834de886d6874a
f1000c400415ff168a11fabae79791b9e3d591cb0044159ef4cbbf8d6e103e47
f1dbeba3538c79a6f501270f086238eceadf6c79ef69c1d9d68e1decc3fdb0c5
f32a3d8e1c45e726fab7ddb248a819224769188e2db00ae92031f92c7f4f8b14
f33f45939a9c6567f5edf939ae23420a1a3b90d1fc10d84ab3703144cfca77a9
f449fa65da363c636a0dc7c89c935f9d8556f0c02e2398212f244256c2daef27
f476480e72f758e8c713cb85dd68b6f3922b32866f31e1d22cf924608ffa8ed1
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f77f40e81155853df72552dcab43624fc5f623805fef9eccc12b201d4fadc6cc
f8b23f718b424e619d61d6682a789a61b2baea1b00de5aec1cf5937e98b9514d
fae0a2f8a1861ac68699bf567945865a2ef1899862343145dc6bb981889385f6
fafe7818a41c059503c456f7c05b733a3334e9e0ed4241cc9189600b9ae687e9
fba42465c1bb65b031127f657c63e20ca3febce883d2388877b957fadb6a3677
fc53299b463018e1eb579d372ef0bd2ed8e090c5a2c175e5af29ef9d15c094c7
fdee9ecced6eca08dd7ca8ed87bac891ed26b3da05ea3a13a4a5516fc3e7df9a
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe3a45122ffb45cdfaf3c9147f0e5407be5a08151b1025fb7eae18f1216da491
fea8f1d76f02ab2bde8bcf37f16c17ad649b1d61414fca044000844654ec3d38
ff7c9fc2bb9dad4d4ca05813b52faa7082080361873e31e3baeb4c87ee9d7359

hd.stheadline.com Open in urlscan Pro 79.133.177.230 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

309 Requests

98 %HTTPS

53 %IPv6

24 Domains

40 Subdomains

33 IPs

10 Countries

9705 kBTransfer

25060 kBSize

25 Cookies

62 Outgoing links

Page URL History

Redirected requests

309 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hd.stheadline.com Open in urlscan Pro
79.133.177.230 Public Scan

Screenshot
Live screenshot

Full Image

309
Requests

98 %
HTTPS

53 %
IPv6

24
Domains

40
Subdomains

33
IPs

10
Countries

9705 kB
Transfer

25060 kB
Size

25
Cookies

309 HTTP transactions
16 data transactions